Deploying Applications On Pramati Server From MyEclipse Development Environment
Pramati Server provides several useful Ant Task implementations for day to day activities with server. Extending the highly useful remoteshell tool, these ant tasks can help to ease out our burden by scripting several repetitive tasks in our very own ANT scripts. More detailed info on all available ANT tasks shall be covered in another post.
Here we are discussing one of the most sought after feature of deploying our J2EE/JavaEE compliant application in to Pramati Server Using Ant Script. Most IDEs allow configuring a custom build script for the project. Using this feature the deployment activity can be configured as an ANT task in the build script.
IDE Used: MyEclipse 6.0
Target Server: Pramati Server 6.0 SP3
Below mentioned is a step by step procedure on how to configure and Run the Deployment Task Builder In MyEclipse.
1. Make sure the Pramati Server instance is already up and running on the machine. Open the MyEclipse IDE and create a new Web Application.
2. Create a file named pramatiDeployer.xml any where on the disc (say D:\pramatiDeployer\ folder) with the following content:
<?xml version="1.0" encoding="UTF-8"?>
<project name="AntShell" default="servertasks">
<property name="pramati_install_dir" value="D:/Pserver"/>
<property name="pramati_node_name" value="default"/>
<taskdef name="pramati" classname="com.pramati.tools.ant.AntTaskHandler" />
<target name="buildwar">
<jar jarfile="${build_project}/${project_name}.war" basedir="${build_project}/WebRoot" />
</target>
<target name="servertasks" depends="buildwar" >
<echo message="Project Directory :${build_project}"/>
<echo message="Project Name :${project_name}"/>
<pramati verbose="true"
node="${pramati_node_name}"
installroot="${pramati_install_dir}/server"
ip="localhost"
port="9191"
realm="system"
user="root"
password="pramati"
fork="false"
debug="true"
classpath="${pramati_install_dir}/server/lib/pramati/classpath.jar"
endorseddirs="${pramati_install_dir}/server/lib/std/endorsed"
command="deploy ${build_project}/${project_name}.war"/>
</target>
<!--<target name="servertasks" depends="buildwar" >
<echo message="Project Directory :${build_project}"/>
<echo message="Project Name :${project_name}"/>
<echo message="Placing the archive in Autodeploy folder"/>
<copy file="${build_project}/${project_name}.war"
todir="${pramati_install_dir}/server/nodes/${pramati_node_name}/archives/autodeploy">
</copy>
</target>-->
</project>
3. You can customize the parameters pramati_install_dir, pramati_node_name, port(naming-port), realm, user and password as per the target deployment server and node configuration.
4. Right click on the project and click import. Select General->File System, and click Next.
5. Click ‘Browse’ against ‘From Directory’ box and navigate to the folder containing pramatiDeployer.xml. Click on the check box against pramatiDeployer.xml and click “Finish” to import it into the root directory of the web Application just created
6. Now the file shall be available in the Projects Package Explorer Window file list.
7. Right click on the file and go to Run As -> Open External Tools Dialog.
8. In the window that follows, double click the “Ant Build” entry on the left panel to add a new Ant Build. The Following screen appears.
9. In case multiple Ant Script build are listed under “Ant Build” entry on the left panel, select the one containing the Project Name you are currently working on.
10. Navigate to “Classpath” tab and Click on “User Entries“. Then click on “Add External JARs” .
11. Navigate to the jar <Pramati_server_install>/server/lib/pramati_client/pramati_ant.jar and click on “Open” to add the same to classpath.
12. Click on “Apply” and “Close” on External Tools Window.
13. Now our script is available as a build script which can be added to the Auto Build sequence. To do so, Right click on the project. Go to Properties->Builders->Import.
14. Select the newly created build script from the listed entries. Take care to choose the one with the current project name, if more than one entries are listed.
15. Click on “OK“. Now edit the imported builder by clicking on “Edit“. The following window appears.
16. Go to “Targets” tab and Click on “Set Targets” button against the “Auto Build” Box. On the “Set Targets” dialog that appears, Select the “servertask” entry and click ok.
17. Go to “Main” tab and add the following in the “Arguments” text box.
-Dbuild_project=${build_project} -Dproject_name=${project_name}
18. Click on “OK“. This shall finish the configuration and run the auto build process immediately causing our script to be executed.
19. The following shall appear on the MyEclipse console window in case of successful deployment.
20. Corresponding out put on the Pramati Server console:
In case of any errors
1. Check correctness of the pramati_install_dir and other configured parameters in pramatiDeployer.xml.
2. Make Sure the server is running
3. Make sure the pramati_ant.jar is placed in classpath and is from the same setup as the target server
Customized deployments can also be done. For example deployments with custom context root, mapping resource (like Datasource) names etc. Steps for the same shall follow in next post.
Disabling Unsafe SSL Session Renegotiation on Pramati Server
Pramati Server internally uses, JDK SSL sockets to communicate over https. The underlying JDK in use, handles ssl handshake and re-negotiation if required. Hence to disable session renegotiation, one must use a JDK which has the issue addressed (for Example JDK 1.6 update 21). For already installed pramati servers, one can change the JDK in use by changing JAVA_HOME variable in the file <server-install>/server/bin/setup.bat (or setup.sh in UNIX OS).
@ ECHO Generated batch file to setup Environment Variables for Pramati Server 6.0 set install_root=D:\Pserver60_1091_SP3\server set JAVA_HOME=D:\Java\jdk1.6.0_21 set PATH=%JAVA_HOME%\bin;%PATH% set CLASSPATH=%JAVA_HOME%\lib\tools.jar;%install_root%\lib\pramati\classpath.jar;
Now the nodes can be started using the runserver script file as usual and SSL Session renegotiation shall be disabled by default.
Testing SSL Session renegotiation:
For my test case I have used the instructions at http://blog.ivanristic.com/2009/12/testing-for-ssl-renegotiation.html
The Console output:
C:\OpenSSL098a\bin>openssl s_client -connect localhost:443 Loading 'screen' into random state - done CONNECTED(00000784) depth=0 /C=India/ST=AP/L=Hyderabad/O=Pramati/OU=Engineering/CN=test certificate verify error:num=18:self signed certificate verify return:1 depth=0 /C=India/ST=AP/L=Hyderabad/O=Pramati/OU=Engineering/CN=test certificate verify return:1 --- . . . [SSL-Handshake-Messages] . . . --- HEAD / HTTP/1.0 R RENEGOTIATING 6776:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:.\ssl\s3_pkt.c:534: closed C:\OpenSSL098a\bin>
Step By Step:
1. Navigate to the OpenSSL bin directory on a Command Prompt
2. Execute command to connect to running web server using command
openssl s_client -connect localhost:443
3. If the server IP and Port are correct, connection will be through and a lot of SSL handshake messages shall be printed on console.
Loading 'screen' into random state - done CONNECTED(00000784) depth=0 /C=India/ST=AP/L=Hyderabad/O=Pramati/OU=Engineering/CN=test certificate verify error:num=18:self signed certificate verify return:1 depth=0 /C=India/ST=AP/L=Hyderabad/O=Pramati/OU=Engineering/CN=test certificate verify return:1 --- Certificate chain 0 s:/C=India/ST=AP/L=Hyderabad/O=Pramati/OU=Engineering/CN=test certificate i:/C=India/ST=AP/L=Hyderabad/O=Pramati/OU=Engineering/CN=test certificate --- Server certificate -----BEGIN CERTIFICATE----- MIICXzCCAcigAwIBAgIES6tMbTANBgkqhkiG9w0BAQUFADB0MQ4wDAYDVQQGEwVJ bmRpYTELMAkGA1UECBMCQVAxEjAQBgNVBAcTCUh5ZGVyYWJhZDEQMA4GA1UEChMH UHJhbWF0aTEUMBIGA1UECxMLRW5naW5lZXJpbmcxGTAXBgNVBAMTEHRlc3QgY2Vy dGlmaWNhdGUwHhcNMTAwMzI1MTE0MzQxWhcNMTEwMzI1MTE0MzQxWjB0MQ4wDAYD VQQGEwVJbmRpYTELMAkGA1UECBMCQVAxEjAQBgNVBAcTCUh5ZGVyYWJhZDEQMA4G A1UEChMHUHJhbWF0aTEUMBIGA1UECxMLRW5naW5lZXJpbmcxGTAXBgNVBAMTEHRl c3QgY2VydGlmaWNhdGUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALi1cXLT TxkqxCcHVm/7JcoRn3uJlex3NAnEMYNLTopf2SOzdJDYRjd3MHY3JcT+yEtvfNSR Vpj7KyDTD0Up2XDZyk0+yJAI6DqLelmfak4/uDbXMW9T7jW7Gu2jbJA5WJD5oyHF MuiWRAu3xdL049H5uRDJpUN2ckVGBN/eBdOnAgMBAAEwDQYJKoZIhvcNAQEFBQAD gYEASdTN256auusTcKOReeh2OW8y0PS6kI4eSPjAWCqI+bnixtxc5bhNp/p2kjbL IqcfpQnRmffbMLXlHJgV03DL4jUTXQCwJu6Jw4fHwiUnU+prcruVDSPT9pNZbEId ou8CYYE5ISVz+wWSXv6tXRDVhLjj4JZVOl58p9DqzUR+Evc= -----END CERTIFICATE----- subject=/C=India/ST=AP/L=Hyderabad/O=Pramati/OU=Engineering/CN=test certificate issuer=/C=India/ST=AP/L=Hyderabad/O=Pramati/OU=Engineering/CN=test certificate --- No client certificate CA names sent --- SSL handshake has read 1152 bytes and written 338 bytes --- New, TLSv1/SSLv3, Cipher is EDH-RSA-DES-CBC3-SHA Server public key is 1024 bit Compression: NONE Expansion: NONE SSL-Session: Protocol : TLSv1 Cipher : EDH-RSA-DES-CBC3-SHA Session-ID: 4C5027FBD785EA3AAAB4ACBB45A1426E52D5DF829DD13D1B9CDF25C6266D6FC6 Session-ID-ctx: Master-Key: 291247553A11AF4AC9FB54DE32D677ACE804605675D3EC58B72572D31E831EFB4D2E6C339AB39458E56E8650D2FF8253 Key-Arg : None Start Time: 1280321531 Timeout : 300 (sec) Verify return code: 18 (self signed certificate) ---
4. Now, the connection shall remain active for the socket idle timeout seconds, which is usually 3 seconds for default Pramati Server node.
5. We can send first line of Request header now. Paste the following at command prompt and press enter (before the time out happens of-course).
HEAD / HTTP/1.0
6. Now we can initiate a renegotiation by typing R and pressing enter.
R
(The time out sure applies here as well. So make sure you key in R and press enter before the time out of 3 seconds starting from the point we pressed enter for the HEAD line above)
7. A renegotiation request is now initiated. Now is the time for results. If JDK does not allow renegotiation, the output on the same window shall be as given below:
RENEGOTIATING 6776:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:.\ssl\s3_pkt.c:534:
8. If the JDK allows renegotiation, the output shall be like :
RENEGOTIATING depth=0 /C=India/ST=AP/L=Hyderabad/O=Pramati/OU=Engineering/CN=test certificate verify error:num=18:self signed certificate verify return:1 depth=0 /C=India/ST=AP/L=Hyderabad/O=Pramati/OU=Engineering/CN=test certificate verify return:1
9. We can leave the prompt now as it is, and the connection shall be closed automatically by time-out
closed
JDK also provides a system property to re-enable SSL re-negotiation, which can be configured in the server startup script runserver.bat / runserver.sh.