Apache TomEE with JOSSO and OpenLDAP

November 11, 2012

This a quick run-through to setup JOSSO with OpenLDAP on Apache TomEE,  the Java Enterprise Edition of Apache Tomcat.

Apache TomEE

Download and install Apache TomEE, nothing it is simpler than that!


TomEE is based on Tomcat, therefore the directory structure is very similar:

  • conf, the folder with the configuration files
  • lib, JAR files requires by the container
  • log, TomEE and application log files
  • webapps, WAR files
  • webapps/tomee, the Web application delivering the EE capabilities

Additional Libraries

Additional JAR files (ie DB drivers) can be dropped in the lib folder…. but a better approach is indeed to store them separately.

Create a new folder /lib/ext with the libraries, then update the /conf/catalina.properties to ensure those are part of the common classloader:


System Properties

System properties are defined in /conf/system.properties

Data Sources

Datasources are defined in /conf/tomee.xml

<Resource id=”myDS” type=”DataSource”>
JdbcDriver oracle.jdbc.OracleDriver
JdbcUrl jdbc:oracle:thin:@localhost:1521:xe
UserName user
Password pwd
JtaManaged true

Web Application Libraries

Additional JAR files (ie DB drivers) can also be dropped in the lib folder…. but again lets do it properly.

Create a new folder /applib with the libraries, then update the /conf/catalina.properties to ensure those are part of the shared classloader:



Set appropriate size for the Java Heap and PermGen space adding in  /bin/setenv.bat:

-Xmx1024m -XX:MaxPermSize=512m


Download JOSSO dist (1.8.6 in my case) from JOSSO web site and install the Gateway, it is ok to set Tomcat 7 as platform:

josso> gateway install –target C:/apache-tomee-webprofile-1.5.0 –platform tc70

Deploying Apache Tomcat 7.0.x JOSSO Gateway v.1.8.6

Install the agent in the same way:

josso> agent install –target C:/apache-tomee-webprofile-1.5.0 –platform tc70

Installing Apache Tomcat 7.0.x JOSSO Agent v.1.8.6

Both steps will generate a report of all changes, so you can see which jar files have been copied and which configuration files have been modified.

Config Partner Application(s)

Edit /lib/josso-agent-config.xml to define the partner application(s) (<agent:partner-apps> tag), basically which apps/URLs will be JOSSO-protected.

OpenLDAP backend

If you need an LDAP backend (OpenLDAP?) some additional configuration is required:

Edit /lib/josso-gateway-ldap-stores.xml to setup the LDAP connection

Edit /lib/josso-gateway-config.xml to make sure it imports the above josso-gateway-ldap-stores.xml

Edit /lib/josso-gateway-auth and remove  hashAlgorithm/hashEncoding from the Basic Authentication Scheme, those settings seem to bother OpenLDAP and the user authentication doesnt work.



Struts2-Interceptors-Extension Library

June 19, 2012

A bundle of interceptors which extend the existing built-in interceptors of the Struts2 framework with some additional features helping development and support of Struts2 applications.

Check github out for source and info.

PropertyManager Utility on GitHub

June 7, 2012

A Java utility for managing property files:


  • simple
  • open source 🙂
  • Mavenized
  • Unit tested

Custom indexing (using Java threads) with Hibernate Search

April 28, 2011

The post is based on latest development on a project:  the requirement is to implement a custom incremental update of the Lucene index. The update takes place at pre-defined (configurable) intervals and indexes all entities created or modified since the last run (i.e. full text search index is aligned with the DB changes every 60 min while the users are accessing the application)

The technology stack is Hibernate 3.6, Hibernate Search 3.3, Lucene 3.0.1, Spring 2.5.6, Java 5.

Why and How

Read the rest of this entry »

Poor/Slow Unit Testing Performance with Maven

January 5, 2011

Our development struggled for some time as the application was getting bigger and bigger, the performance of unit testing got really bad becoming at some point (especially after migrating to latest Hibernate 3.6) unusable (aka stop of quality development) 😦

We investigated the environment (jdk, hw specs, ram), the frameworks being used (Hibernate, Spring), even the underlying DB (I am actually here talking of integration tests)… but the answer was to be found in the Maven settings.

The Maven Surefire Plugin instantiates a new JVM for running the test classes, but it appears that the JVM settings of Maven (typically what you set in the bin/mvn.bat) are not propagated to the newly created JVM, hence running the tests with some (inadequate) default values…

Check this out to see how the JVM memory settings can be configured. It did the trick 🙂


2010 in review

January 2, 2011

The stats helper monkeys at WordPress.com mulled over how this blog did in 2010, and here’s a high level summary of its overall blog health:

Healthy blog!

The Blog-Health-o-Meter™ reads This blog is doing awesome!.

Read the rest of this entry »

Test Driven Development (TDD) Masterclass – Amsterdam

September 27, 2010

On Sep 15/16/17 I had the great opportunity to attend a Test-Driven Development (TDD) Masterclass together with Robert C. Martin (Uncle Bob) of Object Mentor.

The event was arranged by Zilverline, a young Amsterdam-based company specialising in Agile consultancy and training. The folks of Zilverline did a great job: training location was superb as they were the facilities and their support though out the event.

I think it hardly gets more interesting that digging into the deep secrets of TDD, especially with one of its greatest preachers. The 3 days were just enough to go through the approach of TDD, when/how to do it, obstacles and enemies during the implementation  and what you really want to achieve.

The audience was pretty advanced, everybody bringing real hands-on experience mostly with TDD or at least with development and testing enterprise software. Great chance to discuss/compare/challenge different ways of working with experienced developers/techies… which is (based on my experience at least) very rare in most trainings.

Read the rest of this entry »