Category Archives: EAP6

JBAS010153: Node identifier property is set to the default value

I got the following warning on startup of EAP 6.4.2:

WARN  [org.jboss.as.txn] (ServerService Thread Pool — 46) JBAS010153: Node identifier property is set to the default value. Please make sure it is unique.

To get rid of this you have to add a node-identifier attribute in the transactions subsystem. Here is my actual config after adding the attribute:

<subsystem xmlns="urn:jboss:domain:transactions:1.5">
  <core-environment node-identifier="eap6">
    <process-id>
      <uuid/>
    </process-id>
  </core-environment>
  <recovery-environment socket-binding="txn-recovery-environment" status-socket-binding="txn-status-manager"/>
  <coordinator-environment default-timeout="300"/>
</subsystem>

The default standalone.xml has no node-identifier=”SOME_ID” entry and that’s the reason for this warning.

Encrypted Database Passwords in JBoss

JBoss provides a simple mechanism to encrypt database passwords with blowfish. So the standalone.xml does not include our database passwords in plaintext anymore.

First you have to encrypt your password with org.picketbox.datasource.security.SecureIdentityLoginModule. This class includes a main method so you can run it with a single argument which has to be your plaintext password. The result will look like this:

Encoded password: 1ab234cf321cca

The class is included in jboss modules.

Then create a security-domain in your standalone.xml file:

<security-domain name="databaseSecure" cache-type="default">
  <authentication>
    <login-module code="org.picketbox.datasource.security.SecureIdentityLoginModule" flag="required">
      <module-option name="username" value="username"/>
      <module-option name="password" value="1ab234cf321cca"/>
    </login-module>
  </authentication>
</security-domain>

Or with cli:

/subsystem=security/security-domain=databaseSecure:add(cache-type=default)  
/subsystem=security/security-domain=databaseSecure/authentication=classic:add(login-modules=[{"code"=>"org.picketbox.datasource.security.SecureIdentityLoginModule", "flag"=>"required", "module-options"=>[("username"=>"username"), ("password"=>"1ab234cf321cca")]}])

 

The last step is to replace the username+password part of your datasource with a security-domain element. This would look like this in its simplest way:

<datasource jndi-name="java:jboss/datasources/mypgDS" pool-name="MypgDS" enabled="true" use-java-context="true">
  <connection-url>jdbc:postgresql:db1</connection-url>
  <driver>postgresql</driver>
  <security>
    <security-domain>databaseSecure</security-domain>
  </security>
</datasource>

After theses changes start your application server.

ATTENTION! The passphrase that is used for the Blowfish algorithm is hardcoded in the login module. To make this secure you have to change the password in that component. Change the source and recompile or create an extension and overwrite all necessary parts and add it as a new module.

Disable Stacktrace in Response of JBoss

To disable the source body in a stacktrace you have to add the following configuration to your web subsystem in standalone.xml:

<configuration>
  <jsp-configuration display-source-fragment="false"/>
</configuration>

Or with cli:

/subsystem=web/configuration=jsp-configuration:write-attribute(name=display-source-fragment, value=false)

 

Disable/Enable JSP Regeneration

To disable JSP regeneration (which is by default off in EAP6) simple add the following  to your web subsystem:

<configuration>
  <jsp-configuration development="false" />
</configuration>

Or with cli:

/subsystem=web/configuration=jsp-configuration:write-attribute(name=development,value=false)

Simply replace false with true to enable it.

Disable Deployment-Scanner in JBoss

Look for the deployment-scanner config in your standalone.xml and configure the scan interval to -1 to allow deployment onyl from shell or at startup. Here is the relevant part:

<subsystem xmlns="urn:jboss:domain:deployment-scanner:1.1">
  <deployment-scanner path="deployments" relative-to="jboss.server.base.dir" scan-interval="-1"/>
</subsystem>

Or with cli:

/subsystem=deployment-scanner/scanner=default:write-attribute(name=scan-interval, value=-1)

 

Remove H2 JDBC-Driver from EAP6

To remove the H2 JDBC-driver from your EAP6 simply remove the relevant part from your standalone.xml:

<driver name="h2" module="com.h2database.h2">
  <xa-datasource-class>org.h2.jdbcx.JdbcDataSource</xa-datasource-class>
</driver>

Or with cli:

/subsystem=datasources/jdbc-driver=h2:remove

 

Remove ExampleDS datasource in EAP6

To remove the ExampleDS datasource simply remove the relevant part from your standalone.xml:

<datasource jndi-name="java:jboss/datasources/ExampleDS" pool-name="ExampleDS" enabled="true" use-java-context="true">
  <connection-url>jdbc:h2:mem:test;DB_CLOSE_DELAY=-1;DB_CLOSE_ON_EXIT=FALSE</connection-url>
  <driver>h2</driver>
  <security>
    <user-name>sa</user-name>
    <password>sa</password>
  </security>
</datasource>

Or with cli:

/subsystem=datasources/data-source=ExampleDS:remove

 

Configure Aliases in EAP6

The default configuration states localhost and example.com as aliases. To change this you have to simply change or remove the specific parts of your virtual-server config in your standalone.xml:

<virtual-server name="default-host" enable-welcome-root="false">
  <alias name="localhost"/>
</virtual-server>

This would only be a single alias with value localhost (and disabled welcome root).

Or to change it with cli:

/subsystem=web/virtual-server=default-host:write-attribute(name=alias,value=["localhost"])

 

Disable welcome-root in EAP6

To remove the default welcome page your have to change your virtual server config in your standalone.xml to state enable-welcome-root=”false”:

<virtual-server name="default-host" enable-welcome-root="false">
  <alias name="localhost"/>
</virtual-server>

Or with cli:

/subsystem=web/virtual-server=default-host:write-attribute(name=enable-welcome-root,value=false)