Re: [Ejbca-develop] modifications for jboss-3.2.2

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Thanks for the file. The multiple key files are gone in ejbca 3, there 
is only .keystore. Hidden or not...well I believe that could be changed.
I will change it in ejbca3. Ejbca2 will not be touched, only serious 
bugs will be fixed there for stability reasons.

Regarding the identification of JBoss version, it is slightly cleaned 
up, at least with comments now. We can not drop backwards compatibility, 
since not everyone upgrades to the latest version of JBoss all the time. 
There will be people running older versions of JBoss, such as the 3.0 
series, which in some ways are better and some ways worse than 3.2.x.
If there is a java-method to identify JBoss version, I would be happy to 
use it.

The updates for ejbca2.1 are in CVS now, so next release will work with 
JBoss 3.2.3.

Cheers,
Tomas

Mike Jackson wrote:

>
>
> Tomas Gustavsson wrote:
>
>>
>> Hi,
>> Send the files for ejbca 2.1 to the list, so anyone interesed can 
>> pick them up. I will commit them to CVS. There are a few fixes done 
>> for ejbca 2.1, so there will be a 2.1.1 eventually.
>> I have already modifyed the files for the upcoming ejbca 3.
>>
>
> Hi,
> Attached is the ejbca enabled  file:
>
> $JBOSS_HOME/server/default/deploy/jbossweb-tomcat41.sar/META-INF/jboss-service.xml 
>
>
> NOTE that inside that file, I have stored Tomcat's server keys in 
> "$JBOSS_HOME/server/default/keys/keystore" . I'm not aware of why keys 
> and stores are put into multiple locations and as hidden files, etc. 
> But then, I'm not expert about JBOSS/Tomcat security, either. I wanted 
> to make one directory to store all ejbca related keys in. You might 
> want to change it... I also considered calling it keys/ejbca-tomcat.ks .
>
> I started looking at the setup-adminweb.sh file (before I simplified 
> it for my needs) and the JBOSS version/setup identification is really 
> an ugly hack, so I'm not going to attempt to further create hacks in 
> that file. Isn't there a java method to identify a JBOSS installation 
> and setup? Or couldn't you just make the script support the two latest 
> versions of JBOSS, e.g. 3.2.2 and 3.2.3? I think that the JBOSS 
> project has ditched Jetty for good and Tomcat is fully embedded (not 
> just integrated) now. I doubt that the location for this file will 
> change anytime soon. If you want to say that you only officially 
> support JBOSS 3.2.2 and above, then I will rewrite the scripts and 
> send them to the list. Otherwise, I will submit my JBOSS-3.2.2-> HOWTO 
> to the list as soon as I've finished it.
>
> Perhaps this jboss-service.xml file could be called 
> jboss-3.2.x-service.xml in ejbca's source tree, and then copied to the 
> proper name after the password is substituted. I just ran diff between 
> the default file in JBOSS 3.2.2 and 3.2.3 and there was no difference, 
> so my mod works also for the latest version.
>
> BR,
> Mike
>