Friday, March 27, 2009

Unix, Linux administration interview questions

What is LILO?

LILO stands for Linux boot loader. It will load the MBR, master boot record, into the memory, and tell the system which partition and hard drive to boot from.

What is the main advantage of creating links to a file instead of copies of the file?

The main advantage is not really that it saves disk space (though it does that too) but, rather, that a change of permissions on the file is applied to all the link access points. The link will show permissions of lrwxrwxrwx but that is for the link itself and not the access to the file to which the link points. Thus if you want to change the permissions for a command, such as su, you only have to do it on the original. With copies you have to find all of the copies and change permission on each of the copies.

Write a command to find all of the files which have been accessed within the last 30 days.

find / -type f -atime -30 > December.files
This command will find all the files under root, which is '/', whose file type is regular file. '-atime -30' matches all the files accessed less than 30 days ago. The output is written to a file called December.files.

What is the most graceful way to get to run level single user mode?

The most graceful way is to use the command init s.
If you want to shut everything down before going to single user mode then do init 0 first and from the ok prompt do a boot -s.

What does the following command line produce? Explain each aspect of this line.

$ (date ; ps -ef | awk '{print $1}' | sort | uniq | wc -l ) >> Activity.log
First let's dissect the line: date gives the date and time as the first command of the line. This is followed by ps -ef, a list of all running processes in long form with UIDs listed first. These are fed into awk, which filters out all but the UIDs; these UIDs are piped into sort for no discernible reason and then on to uniq (now we see the reason for the sort: uniq only works on sorted data. If the list is A, B, A, then A, B, A will be the output of uniq, but if it's A, A, B then A, B is the output), which produces only one copy of each UID.
These UIDs are fed into wc -l which counts the lines - in this case the number of distinct UIDs running processes on the system. Finally the results of these two commands, the date and the wc -l, are appended to the file "Activity.log". Now to answer the question as to what this command line produces. This writes the date and time into the file Activity.log together with the number of distinct users who have processes running on the system at that time. If the file already exists, then these items are appended to the file, otherwise the file is created.
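
The counting stage of that line as reusable functions, added here as an example (not part of the original post). It runs over constructed ps -ef style sample text, shows what happens without the sort, and skips the header line that ps -ef prints, which the one-liner counts as an extra "user". The function names and sample data are assumptions made for the example.

```shell
#!/bin/sh
# Constructed sample resembling `ps -ef` output (not captured from a real host).
sample_ps() {
cat <<'EOF'
UID        PID  PPID  C STIME TTY          TIME CMD
root         1     0  0 09:00 ?        00:00:01 /sbin/init
alice      812     1  0 09:02 pts/0    00:00:00 -bash
root       820     1  0 09:02 ?        00:00:00 /usr/sbin/sshd
www        901     1  0 09:03 ?        00:00:04 httpd
alice      915   812  0 09:05 pts/0    00:00:00 vi notes
EOF
}

# Counting stage exactly as in the one-liner: the header's "UID" is counted too.
count_owners_original() {
    awk '{print $1}' | sort | uniq | wc -l | tr -d ' '
}

# Same stage without sort: uniq only collapses ADJACENT duplicates,
# so interleaved owners are counted once per run of lines.
count_owners_unsorted() {
    awk '{print $1}' | uniq | wc -l | tr -d ' '
}

# Header skipped with NR > 1; sort -u does the work of sort | uniq.
count_owners() {
    awk 'NR > 1 {print $1}' | sort -u | wc -l | tr -d ' '
}

# Append a timestamp and the count to a log, like ( ... ) >> Activity.log.
# $1 = log file; ps-style text is read from stdin.
log_activity() {
    { date; count_owners; } >> "$1"
}

# Live use on a real system:
#   ps -ef | log_activity Activity.log
```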

Thursday, March 26, 2009

IKEYCMD ( IKEYMAN ) Command Line Interface (gsk7cmd)

Environment Set Up for IKEYCMD Command Line Interface
To run IKEYMAN, set up environment variables to use the IKEYCMD command line interface as follows:
1. Set your PATH to where your Java or JRE executable resides:
export PATH=/opt/IBMJava/bin:$PATH

2. Set the following CLASSPATH environment variable:
export CLASSPATH=/usr/local/ibm/gsk/classes/cfwk.zip:/usr/local/ibm/gsk/classes/gsk4cls.jar:$CLASSPATH

Once completed, IKEYCMD should run from any directory. To run an IKEYCMD command,
use the following syntax:
java com.ibm.gsk.ikeyman.ikeycmd (command)

You can substitute JRE for Java, depending on whether you are using a JRE or JDK.
Example:
jre com.ibm.gsk.ikeyman.ikeycmd (command)

IKEYCMD Command Line Syntax
The syntax of the Java CLI is:
java [-Dikeycmd.properties=<properties_file>] com.ibm.gsk.ikeyman.ikeycmd (object) (action) [options]

where:
-Dikeycmd.properties Specifies the name of an optional properties file to use for this Java invocation. A default properties file, ikeycmd.properties, is provided as a sample file that can be modified and used by any Java application.

Object is one of the following:

-keydb Actions taken on the key database (either a CMS key database file, a WebDB keyring file, or SSLight class)
-cert Actions taken on a certificate
-certreq Actions taken on a certificate request
-help Display help for the IKEYCMD invocations
-version Display version information for IKEYCMD

Action is the specific action to be taken on the object, and options are the options, both required
and optional, specified for the object and action pair.

Note: The object and action keywords are positional and must be specified in the selected
order. However, options are not positional and can be specified in any order, provided
that they are specified as an option and operand pair.

User Interface Task Reference
IKEYCMD command line interface tasks are summarized in the following table.

IKEYMAN and IKEYCMD task

Create a new key database and specify the database password
Create a new key pair and certificate request
Create a self-signed certificate
Export a key to another database or PKCS12 file
Import a key from another database or PKCS12 file
List certificate authorities (CAs) and certificate requests
Open a key database
Receive a CA-signed certificate into a key database
Show the default key in a key database
Store the root certificate of a CA
Store the encrypted database password in a stash file

Friday, March 20, 2009

Free Trial - IBM WebSphere Message Broker, WebSphere Message Broker V6.1

WebSphere Message Broker V6.1 is an Enterprise Service Bus (ESB) built for universal connectivity and transformation in heterogeneous IT environments. WebSphere Message Broker distributes information and data generated by business events in real time to people, applications, and devices throughout your extended enterprise and beyond.

Provides a smart approach to SOA, extending the reach of your business beyond your firewall by supporting a broad range of multiple transport protocols and data formats
Integrates multiple applications, networks, and device types using a platform-independent based enterprise service bus that lets you conduct business reliably and securely
Increases business agility and flexibility, extending easily to a Federated ESB model, while reducing development costs by separating integration logic from applications
Improves the flow of information around the business, moving away from hard-coded point-to-point links to more flexible distribution mechanisms such as publish/subscribe and multi-cast
Uses a simple programming model for connectivity and mediation, including a robust set of pre-built mediation function and ways to customize mediations
Exploits the industry-leading WebSphere MQ messaging infrastructure, and supports transformation options with graphical mapping, Java, ESQL, XSL, and WebSphere Transformation Extender
Delivers extensive administration and systems management facilities for developed solutions
Features and benefits of WebSphere Message Broker

IBM WebSphere® Message Broker V6.1 supports the following key capabilities and benefits:
Platform-Independent Based Enterprise Service Bus
Distribute any type of information across and between multiple diverse systems and applications, providing delivery of the right information in the right format at the right time
Reduce point-to-point interconnections and simplify application programming through separation of integration logic from the applications and from process logic
Powerful publish-and-subscribe matching engine routes information in real time based on topic and content to any endpoint
Validate and transform messages in-flight between any combination of different message formats, including Web Services, other XML and non-XML formats
Route messages based on (evaluated) business rules to match information content and business processes
Improve business agility by dynamically reconfiguring information distribution patterns without reprogramming end-point applications
Powerful runtime security model to address security concerns.
Integrated JCA based WebSphere Adapters as built-in nodes
Strengthens security and accelerates Web Services Security processing with DataPower SOA Appliance
Integration and enhancement of WebSphere Service Registry and Repository support to virtualize services for greater reuse
Enhance SOA support with advanced Web Services
Mediates (provides routing, transformation and logging) between Web Service requesters and providers
Mediates between Web Services and other integration models as both a service requester and a service provider
Delivers support for Web Services Security and Web Services Addressing, and compliance for Basic Profile
Works with the latest implementations of standards such as WSDL (Web Services Definition Language), SOAP (Simple Object Access Protocol), SOAP with attachments, any JMS (Java™ Message Service) HTTP(s) (Hypertext Transport Protocol), MTOM/XOP, and MQ
Enhanced support for provider and consumer scenarios
Toolkit support for WSDL drag and drop for skeleton flow creation and configuration
Full message set round-tripping for WSDL imports and exports.
New Web services parser creates more consumable message tree.
Integration without bounds with connectivity and transformation capabilities
Integrated WebSphere MQ transports - for Enterprise, Mobile, Real-Time, Multicast and Telemetry end points - extend the reach, scope and scale of the enterprise integration bus, out to mobile and handheld devices, along with embedded devices such as sensors or actuators.
Enable the secure and seamless interaction of enterprise applications with thousands of users within the Intranet and across the Internet
Provide native JMS interoperability, acting as a bridge between any combinations of different JMS providers.
Out-of-the-box nodes to simplify management and improve performance for key enterprise resource planning (ERP) integration scenarios (for example, SAP, Siebel, and PeopleSoft) through WebSphere Adapters packaged as native message-processing nodes
Native support for large file processing, including FTP, to simplify processing of large, repeating complex file records without using excessive storage
New Email Output node
Integration with WebSphere Transformation Extender, including the launcher, enabling WebSphere Transformation Extender maps to run natively in WebSphere Message Broker
Improved Consumability, Productivity and Systems Management
Provides a quick start with a single-click installation; install the product and run a sample in less than an hour
Simple packaging allowing for easy identification of appropriate install assets
Single install DVD for Windows and Linux desktops
ISMP installer for all platforms, SMP/E for z/OS systems
Comprehensive "samples gallery" for all new and existing functions
Enterprise-wide identity, authentication, and authorization with Tivoli and Lightweight Directory Access Protocol (LDAP) servers to enforce service policy at the user level for greater security
Administration of both WebSphere MQ and WebSphere Message Broker networks in one console with the Eclipse-based Message Broker Explorer
Roll back with a single click
Extend your infrastructure with broader platform support and performance
Extend an existing WebSphere MQ and WebSphere Event Broker infrastructure
Available on IBM z/OS®, IBM AIX®, Linux (zSeries®, Intel, Power), Solaris (x86-64 and SPARC), HP/UX(PA-RISC, Itanium) and Microsoft® Windows® Server
Full range of industry standard databases including support for DB2, SQL Server, Oracle, Sybase and Informix
Accounting and statistics reports support usage based charges and real-time graphical performance analysis for internal business charging
Enhanced SAP IDOC support
Improved binary data modeling within text messages.
64-bit capability on Linux and UNIX, Java Database Connectivity (JDBC) XA support, and Java 5 on all platforms
Ultra High Performance XML parser, including schema validation
Compacted memory footprint
Enhanced Developer Productivity
Eclipse based Message Broker Toolkit compatible with Rational Application Developer V6 and available on Windows and Linux
Data transformation options to match the data format and the developer skill set
Reduced toolkit size with enhanced look and feel improvements including productivity aids.
Standards based metadata including XML Schema and Web Services Definition Language
Java Debug Protocol (JDP) enabled within toolkit
Graphical message metadata and mapping definition
Visual trace capability to display message path through flow in real time in Eclipse
New message viewer to graphically identify source and/or target message element locations
Simplified development with a configuration-driven approach for all new nodes
Eclipse based Type Designer and Map Designer integrated with the toolkit
Download a free trial version of WebSphere Message Broker V6.1

Sunday, March 8, 2009

History of IBM Websphere Application Server (WAS), What is WAS.

IBM WebSphere Application Server (WAS), a software application server, is the flagship product within IBM's WebSphere brand. WAS is built using open standards such as Java EE, XML, and Web Services. It works with a number of Web servers including Apache HTTP Server, Netscape Enterprise Server, Microsoft Internet Information Services (IIS), IBM HTTP Server for i5/OS, IBM HTTP Server for z/OS, and IBM HTTP Server for AIX/Linux/Microsoft Windows/Solaris.
WAS Versions
Version 1 of IBM WebSphere Application Server (WAS).
IBM has shipped several versions and editions of WAS. In the first beta versions, WAS was called Servlet Express.

What started it all in June, 1998. Really only a Java Servlet engine at that point.

Version 2 of IBM WebSphere Application Server (WAS).
In this version IBM adds JavaBean and CORBA support. Now supports Linux. Comes in two editions: Standard Edition (SE) and Advanced Edition (AE).

Version 3 of IBM WebSphere Application Server (WAS).
This version of WAS was compatible with a JDK 1.2, J2EE 1.0 version. IBM provided many enhancements to the basic J2EE 1.0 spec. Support for OS/400 (now i5/OS) and OS/390 (now z/OS) was added, although the z/OS version maintained a substantially separate codebase until v5.x. Version 3 is distributed in three editions: Standard Edition (SE), Advanced Edition (AE), and Enterprise Edition (EE).
Version 3.5 of IBM WebSphere Application Server (WAS).
This version was shipped in following editions:
· SE (Standard Edition)
· AE (Advanced Edition)
· EE (Enterprise Edition)
Version 4 of IBM WebSphere Application Server (WAS).
This was a J2EE 1.2 certified application server. It inherited the database-based configuration model from V3.x for all but the single-server edition, which already used an XML datastore.
· AE (Advanced Edition)
· AEs (Advanced Edition single). Single-server edition that was not able to run in a cluster configuration.
· AEd (Developer Edition). Functionally equivalent to AEs, but intended only for non-production development use.
· EE (Enterprise Edition)


Version 5 of IBM WebSphere Application Server (WAS).

This version was released on 19 November 2002. This was a J2EE 1.3 certified application server. It was a major rewrite of the V3/V4 codebase and was the first time WebSphere Application Server was coded from a common codebase. Now WAS across all deployment platforms, from Intel x86 to the mainframe, is substantially the same code. The database-based configuration repository was replaced with a replicated XML file-based configuration repository. A service called the Deployment Manager had the master copy of the cell configuration, and nodes had the file(s) they needed copied from this master server whenever they changed. V5 also included a miniature version of MQ 5.3 called the embedded Java Message Service (JMS) server.
· Express Edition replaces the Standard Edition. Express now becomes the term to indicate SME-oriented offerings from IBM, across all its software brands.
· Base
· Network Deployment. This version supports deployment of a cell configuration with cluster and J2EE failover support. It now also includes Edge Components, previously known as Edge Server. This provides a proxy server, load balancing, and content-based routing.
· Enterprise Edition. This version added a workflow engine, called the Process Choreographer, for the first time but predates the BPEL standard. It also added the first fully supported application threading model called WebSphere Asynchronous Beans.
· WebSphere Application Server for z/OS. This version is essentially the same as the Network Deployment product but is optimized to take full advantage of z/OS features, such as Workload Manager, to leverage the key technologies that make the mainframe indispensable for mission-critical, scalable, and secure workloads.

Version 5.1 of IBM WebSphere Application Server (WAS).

Released 1 April 2004.
· The main change from V5.0 was a JDK upgrade to 1.4.2 and use of the Jython language for wsadmin scripting support instead of only supporting Java Tcl.
· Express
· Base
· Network Deployment
· WebSphere Application Server for z/OS
Version 5.1 for z/OS is the first to support zAAP engines.
· WebSphere Business Integration Server Foundation V5.1
This is the follow on product to WebSphere Application Server Enterprise Edition V5.0. The workflow engine was updated to support BPEL rather than the proprietary FDML format used in V5.0. The product was also repriced and available on all IBM platforms from the Intel environments to the mainframe.
· WebSphere eXtended Deployment (XD)
For more information please reference the WebSphere Extended Deployment section below.


Version 6 of IBM WebSphere Application Server (WAS).
· This version was released on December 31, 2004. It is a Java EE 1.4 compliant application server. Security enhancements include support for JACC 1.0 and WS-Security 1.0.
· Support for Java Standard Edition 1.4
· Community Edition (free, support for fee)
Code based on Apache Geronimo project
· Express (list price US$2,000 per CPU, licensed to use up to two CPUs)
Many programming model extensions previously found in WebSphere Application Server V5.0 Enterprise Edition were moved out of enterprise and into Express and Base. These APIs included application profile, startup beans, the scheduler, and async beans.
The JMS engine, now called "WebSphere Platform Messaging," was rewritten in 100% Java and its functionality greatly enhanced. (WebSphere MQ is still supported as the JMS provider and is interoperable with WebSphere Platform Messaging.)
· Base (list price US$10,000 per CPU)
· Network Deployment (list price US$16,000 per CPU)
The clustering was rewritten to use the high availability manager. This manages all singletons in the WebSphere environment and can provide hot recovery for those singletons.
WebSphere was modified so that a shared file system can be used to store transaction logs and this meant that any cluster member with that shared file system mounted can hot recover in-doubt XA transactions with no external HA software.
The Deployment Manager's role was eliminated from all clustering runtime operations. It's only required for centralized JMX admin and config changes.
Now supports running mixed version cells (V5 to V6) in production.
· WebSphere Application Server for z/OS
Provides the same core functionality as Network Deployment, since it shares a common programming model, but still contains the platform advantages such as:
· z/OS Workload Manager for prioritized management of mixed workloads
· Resource Recovery Services (added transactional integrity for complex, critical transactions)
· Support for security mainframe products such as RACF
· Advanced vertical scaling for application server by featuring a unique control region (integrated control area) server region (where workloads are completed) separation which enables the control region to open and close server regions as needed by the volume of incoming requests
· Parallel Sysplex support for full participation in the Sysplex, enabling advanced failover support and a geographically dispersed environment that seamlessly acts as one with a centralized logging and management facility
· eXtended Deployment (listprice: $16000 USD / cpu)
WAS XD, as it is known, increases the functionality of the application server in two main areas: Manageability and Performance. It also makes possible new configurations, such as dynamic virtualization between pools of application servers.
Under the performance header the ObjectGrid component was added, which is a standalone distributed cache that can be used with any application server (any version with a 1.4 JDK) or with any J2SE 1.4 runtime, including zLinux and z/OS support.
With Version 6, some of the functionality previously found in WebSphere Business Integration Server Foundation (WBISF) moved into the new IBM WebSphere Process Server. Other function moved into the other editions (Express and above).

Version 6.1 of IBM WebSphere Application Server (WAS).
This version was released on June 30, 2006. It is a Java EE 1.4 compliant application server and includes the following function:
· Support for Java Standard Edition 1.5
· Support for running JSR 168 Portlets in the application server
· Session Initiation Protocol (SIP) Servlets
· Enhancements to the WebSphere Install Factory
· IBM Support Assistant
· IBM JSF Widget Library
· Simplified Administration
· Improved Certificate and Key Management
· Security Enhancements
· Administration of IBM HTTP Server from WebSphere Admin Console
· Support for Web Services Resource Framework and WS-BusinessActivity (WS-BA)
· Support for JSR160 JMX Remote Connections (From IBM Agents Only)
· Administrative Console Jython Command Assistance
· Enhanced scripting. This version started the deprecation process for the Jacl syntax.[1]
· 64-bit servants and a new Apache-based IBM HTTP Server for z/OS
Support for the EJB 3.0 technology and support for some webservices standards were provided by the EJB feature pack and the webservices feature pack, respectively. The functions in these feature packs have been folded into the main product in version 7. Functions in the webservices feature pack include:
· Asynchronous programming model (Limited functional support)
· Multiple Payload structures
· StAX (Streaming API for XML)
· WS-RM (Limited functional support)
· WS-Addressing (Limited functional support)
· JAX-B support
· Policy Set (Limited functional support)
· Secured thin client (Limited functional support)
· SOAP (protocol) Message Transmission Optimization Mechanism (MTOM)
· Supports CGI and CORBA


Version 7 of IBM WebSphere Application Server (WAS).
· This version was released on September 9, 2008. It is a Java EE 5 compliant application server.
Following are the flagship features of WebSphere Application Server Version 7:
· Flexible Management
Flexible Management facilitates administration of a large number of WebSphere Application Server base edition and Network Deployment topologies that might be geographically distributed.
· Business-Level Application
Business-Level Application is used for managing application artifacts independent of packaging or programming models.
· Property Based Configuration
The Property Based Configuration feature simplifies the experience of automating administration: an administrator can update the WebSphere Application Server Version 7 configuration using a simple property file.
WebSphere Extended Deployment
WebSphere Application Server V6 Extended Deployment Edition (WebSphere XD) was released in 2006 as an add-on for WebSphere 6. XD provides advanced features for both administrators who manage multiple Java EE-based applications and developers building advanced applications that require asymmetric clustering techniques. It also has a number of technologies to significantly increase the performance of running applications, including an in-memory database cache and a highly advanced load balancer called the on demand router.
Administrator benefits
Many businesses run multiple server farms but wish to consolidate them into a single smaller server farm. This is because most server farms are underutilized or over provisioned. The boxes are typically running at 10% load which is quite costly and is not flexible. For example, one server farm goes hot and maxes out while the farm in the next room is still basically idle at 10%. XD allows administrators to define a single cluster (a node group) then monitor the workload and dynamically decide which boxes in the node group should host which application in order to meet these goals. If application A has a current response time of 1.5 seconds, XD will move resources away from applications B and C to increase the power dedicated to A and decrease its response time. XD can also predict that A will likely exceed its response time in 10 minutes based on a trend and react in anticipation of the event. This greatly simplifies the life of an administrator and allows the machines to be more efficiently used than a conventional multiple, independent farm of farms approach. XD also offers options to generate various email alerts when conditions are exceeded. It can also restart servers when they appear to have a memory leak, or after X requests.
Developer benefits
WebSphere Partition Facility
Traditional Java EE applications work well for a large class of applications. The class can be broadly categorized as applications that run in a stateless symmetric cluster in front of a database:
· All the cluster members can perform any task at any time.
· The application is stateless.
· The application is modal, such that it only performs work synchronously in response to a client request which can be received using HTTP/IIOP or JMS.
There are other applications that do not work well in such an environment, for example, an electronic trading system in a bank. Such applications typically use performance enhancing techniques such as partitioning, multi-threading, and write-through caching. These are applications that can exploit asymmetric clustering. An asymmetric cluster is essentially the opposite of a symmetric cluster:
· Applications can declare named partitions at any point while they are running, partitions are highly available, mobile within the cluster, and usually only run on a single cluster member at a time.
· Incoming work for a partition is routed to the cluster member hosting the partition.
· The application is amodal. Partitions have a lifecycle of their own and can start background threads or alarms as well as respond to incoming events whether they are IIOP/HTTP or JMS/foreign messages.
WebSphere XD offers a new set of APIs called the WebSphere Partition Facility (WPF). These APIs allow applications that require an asymmetric cluster to be deployed on a Java EE server.
ObjectGrid
The ObjectGrid is the first piece of the IBM distributed caching framework. V6 of XD shipped with support for local Java object caching as well as peer-to-peer caching with asynchronous data push/invalidation. It is designed as a small footprint, to install customer extensible framework for caching objects. All aspects of the core framework have plugin points. This allows customers to add function as well as allow IBM to extend it in future product levels. It is designed to run independent of WebSphere. This does not mean it won't integrate with WebSphere 6.0 XD -- it will. But it will also work on older versions of the application server, Tomcat servers, and competitive application servers. In a very limited sense, memcached performs some of the same functions as ObjectGrid[2]
ObjectGrid is intended to compete against the other distributed cache products on the market. It currently requires only a 1.4 level JDK from any vendor. Version 2 of the ObjectGrid is currently under development for shipping in XD 6.0.1. It will add significant function to the component as well as widen JDK level support. The intent is to allow customers to build large grids of JVMs into which they can connect applications and store objects at various qualities of service. The grid is being designed to scale to thousands of JVMs and hold a large quantity of data.
Compute Grid
Also known as WebSphere Batch, WebSphere XD also offers a Java Batch processing system called Compute Grid. This was first introduced in XD version 6.1. Compute Grid is deployed as an additional feature of a WebSphere Network environment. It provides a number of features that help you create, execute and manage batch jobs. The features include: an XML-based job control language (xJCL), batch programming model, job scheduler, and batch container.
Security
The WebSphere Application Server security model is based on the services provided in the operating system and the Java EE security model. WebSphere Application Server provides implementations of user authentication and authorization mechanisms providing support for various user registries:
· Local operating system user registry
· LDAP user registry
· Federated user registry (as of version 6.1)
· Custom user registry
The authentication mechanisms supported by WebSphere are [3]
· Lightweight Third Party Authentication (LTPA)

Saturday, March 7, 2009

What is WebSEAL

IBM Tivoli Access Manager WebSEAL overview.
IBM® Tivoli® Access Manager for e-business (Tivoli Access Manager) is a robust and secure centralized policy management solution for e-business and distributed applications. IBM Tivoli Access Manager WebSEAL is a high performance, multi-threaded Web server that applies fine-grained security policy to the Tivoli Access Manager protected Web object space. WebSEAL can provide single sign-on (SSO) solutions and incorporate back-end Web application server resources into its security policy.

IBM Tivoli Access Manager:

IBM Tivoli Access Manager is a complete authorization and network security policy management solution that provides unsurpassed end-to-end protection of resources over geographically dispersed intranets and extranets.
In addition to its state-of-the-art security policy management feature, Tivoli Access Manager provides authentication, authorization, data security, and centralized resource management capabilities. You use Tivoli Access Manager in conjunction with standard Internet-based applications to build highly secure and well-managed intranets.
At its core, Tivoli Access Manager provides:
Authentication framework
Tivoli Access Manager provides a wide range of built-in authenticators and supports external authenticators.
Authorization framework
The Tivoli Access Manager authorization service, accessed through the Tivoli Access Manager authorization API, provides permit and deny decisions on requests for protected resources located in the secure domain.
With Tivoli Access Manager, businesses can securely manage access to private internal network-based resources while leveraging the public Internet's broad connectivity and ease of use. Tivoli Access Manager, in combination with a corporate firewall system, can fully protect the Enterprise intranet from unauthorized access and intrusion.

IBM Tivoli Access Manager WebSEAL:

IBM Tivoli Access Manager WebSEAL is the resource manager responsible for managing and protecting Web-based information and resources.
WebSEAL is a high performance, multi-threaded Web server that applies fine-grained security policy to the Tivoli Access Manager protected Web object space. WebSEAL can provide single sign-on solutions and incorporate back-end Web application server resources into its security policy.
WebSEAL normally acts as a reverse Web proxy by receiving HTTP/HTTPS requests from a Web browser and delivering content from its own Web server or from junctioned back-end Web application servers. Requests passing through WebSEAL are evaluated by the Tivoli Access Manager authorization service to determine whether the user is authorized to access the requested resource.
WebSEAL provides the following features:
Supports multiple authentication methods: Both built-in and plug-in architectures allow flexibility in supporting a variety of authentication mechanisms.
Accepts HTTP and HTTPS requests
Integrates and protects back-end server resources through WebSEAL junction technology
Manages fine-grained access control for the local and back-end server Web space: Supported resources include URLs, URL-based regular expressions, CGI programs, HTML files, Java servlets, and Java class files.
Performs as a reverse Web proxy: WebSEAL appears as a Web server to clients and appears as a Web browser to the junctioned back-end servers it is protecting.
Provides single sign-on capabilities

Thursday, March 5, 2009

Overview on the Caching Proxy, WebSphere Edge Components.

Overview on the Caching Proxy Component in WebSphere Application Server.

In an enterprise environment, a proxy server is a server that acts as an intermediary, typically placed in a demilitarized zone (DMZ). This DMZ sits between the Internet and the server environment in the internal zone that provides the business services. The proxy server validates each request for an Internet service.
If the request passes filtering requirements, the proxy server forwards it to servers in the internal (secure) zone and acts as the requester. This mechanism prevents direct access from the insecure external zone to the sensitive servers in the internal zone.
The proxy servers used here can also improve performance by caching content locally.
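The filter-then-forward step described above, sketched as an added example (not code from the original post or from any IBM product). The host names, allowed methods and route table are assumptions chosen for illustration.

```python
import posixpath
from urllib.parse import quote, unquote, urlsplit

# Assumed policy for illustration; none of these values come from the page.
PUBLIC_HOSTS = {"www.example.com"}
ALLOWED_METHODS = {"GET", "HEAD", "POST"}
# Published path prefix -> origin server in the internal zone (hypothetical).
ROUTES = {
    "/shop/": "http://app1.internal.example:9080",
    "/static/": "http://web1.internal.example:8080",
}


def filter_and_route(method, target, host_header):
    """Return (True, backend_url) when the request may be forwarded,
    otherwise (False, reason). The proxy itself then requests backend_url."""
    if method.upper() not in ALLOWED_METHODS:
        return False, "method not allowed"
    if host_header.split(":")[0].lower() not in PUBLIC_HOSTS:
        return False, "unknown host"
    parts = urlsplit(target)
    # An absolute-form target would let clients use the reverse proxy as an
    # open relay into the internal zone, so only origin-form is accepted.
    if parts.scheme or parts.netloc or not target.startswith("/"):
        return False, "absolute or malformed target"
    decoded = unquote(parts.path)
    if "\x00" in decoded or "\\" in decoded:
        return False, "illegal character in path"
    # Normalise after decoding so that %2e%2e cannot step out of a prefix.
    norm = posixpath.normpath(decoded)
    if decoded.endswith("/") and norm != "/":
        norm += "/"
    for prefix, origin in ROUTES.items():
        if norm.startswith(prefix):
            query = "?" + parts.query if parts.query else ""
            return True, origin + quote(norm) + query
    return False, "path not published"


if __name__ == "__main__":
    # Constructed sample requests: (method, request target, Host header).
    for req in [("GET", "/shop/cart?id=7", "www.example.com"),
                ("GET", "/shop/%2e%2e/admin/", "www.example.com"),
                ("GET", "http://intranet.example/", "www.example.com")]:
        print(req, "->", filter_and_route(*req))
```

Because the check runs on the decoded, normalised path and the same normalised path is what gets forwarded, the proxy and the origin server cannot disagree about which resource was requested.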

The two main advantages of using a proxy server are system security and performance:

Security: A proxy server provides an additional layer of security and can protect HTTP servers further up the chain. It intercepts requests from the client, retrieves the requested information from the content-hosting machines, and delivers that information back to the client. If you are using a firewall between the reverse proxy server and the content HTTP server, you can configure the firewall to allow only HTTP requests from the proxy server.

Performance: A proxy server can increase the performance of your WebSphere Application Server in several ways.
Encryption/SSL acceleration: You can equip the proxy server with SSL acceleration hardware that can improve the performance of SSL requests.
Caching: The proxy server can cache static content to provide better performance.
Load balancing: The proxy server can balance the workload among several content HTTP servers.

WebSphere Edge Components Caching Proxy (CPS)

The WebSphere Edge Component Caching Proxy reduces bandwidth usage and improves a Web site's speed and reliability by providing a point-of-presence node for one or more backend content servers. Caching Proxy can cache and serve static content and content dynamically generated by WebSphere Application Server.

The proxy server intercepts data requests from a client, retrieves the requested information from content-hosting machines, and delivers that content back to the client. Most commonly, the requests are for documents stored on Web server machines (also called origin servers or content hosts) and delivered using the Hypertext Transfer Protocol (HTTP). However, you can configure the proxy server to handle other protocols, such as File Transfer Protocol (FTP) and Gopher.
The proxy server stores cache-able content in a local cache before delivering it to the requester. Examples of cache-able content include static Web pages and JavaServer Pages files that contain dynamically generated, but infrequently changing, information. Caching enables the proxy server to satisfy subsequent requests for the same content by delivering it directly from the local cache, which is much quicker than retrieving it again from the content host.
Several plugins are available that add functionality to the Caching Proxy, but we used only the default setup.

WebSphere Proxy Server (PS)

WebSphere Proxy Server (PS) is a new type of server supported in the WebSphere Application Server Network Deployment (ND) package (in version 6.0.2 and later). This Proxy server initially receives requests from clients on behalf of content servers, workload-manages them, and routes them across content servers depending on the policies and filter classification definitions.
WebSphere Proxy servers can secure the transport (using SSL) and the content, and can protect the identity of application servers using the response transformation feature (URL rewriting). The Proxy server can also cache responses to improve throughput and performance. Another good feature to note is SSL offload at the Proxy server. When using this feature you can terminate an SSL (HTTPS) connection at the proxy server after receiving the request from the client and use HTTP as the transport protocol between the proxy server and the content servers (which are application servers). You can administer and configure this Proxy server from the deployment manager's administrator console (or wsadmin) in an ND environment.
This Proxy server is much more capable than the reverse proxy servers (the Edge caching server and the WebSphere plugin) with its advanced configuration capabilities, dynamic routing policies, and integrated system management in an ND topology.
It is interesting to note that the Proxy server can also route requests across multiple cells and supports session affinity and failover.
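What response transformation (URL rewriting) combined with SSL offload has to do to a back-end response, as an added example that is not WebSphere's own code or configuration. The public origin, back-end host names and the list of stripped headers are assumptions for illustration.

```python
from urllib.parse import urlsplit, urlunsplit

# Hypothetical names for illustration; not from the page or from WebSphere.
PUBLIC_ORIGIN = ("https", "www.example.com")
BACKEND_HOSTS = {"app1.internal.example", "app2.internal.example"}
STRIP = {"server", "x-powered-by"}  # assumed list of identifying headers


def rewrite_url(url):
    """Map an absolute backend URL to the public origin; leave others alone."""
    parts = urlsplit(url)
    if parts.hostname in BACKEND_HOSTS:
        return urlunsplit(PUBLIC_ORIGIN + (parts.path, parts.query, parts.fragment))
    return url


def rewrite_cookie(value):
    """Drop a Domain attribute naming a backend host and add Secure."""
    kept = []
    for attr in (a.strip() for a in value.split(";")):
        key, _, val = attr.partition("=")
        if key.lower() == "domain" and val.lstrip(".").lower() in BACKEND_HOSTS:
            continue
        if attr:
            kept.append(attr)
    # The client leg is HTTPS even though the backend leg is plain HTTP,
    # so the backend cannot be relied on to set Secure itself.
    if not any(a.lower() == "secure" for a in kept):
        kept.append("Secure")
    return "; ".join(kept)


def transform_response(headers):
    """headers: (name, value) pairs from the backend; returns the client view."""
    out = []
    for name, value in headers:
        lname = name.lower()
        if lname in STRIP:
            continue
        if lname in ("location", "content-location"):
            value = rewrite_url(value)
        elif lname == "set-cookie":
            value = rewrite_cookie(value)
        out.append((name, value))
    return out


# Constructed backend response headers, as received over HTTP.
SAMPLE = [("Server", "ExampleAppServer/1.0"),
          ("Location", "http://app1.internal.example:9080/app/login?next=%2Fcart"),
          ("Set-Cookie", "JSESSIONID=abc123; Path=/app; Domain=app1.internal.example")]
```

Without the Location rewrite, a redirect issued by the application server would send the browser to an internal host name over plain HTTP, which both leaks the topology and fails from outside the DMZ.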