enable application logging in JBOSS EAP 6

1) remove any loggin configuration file in application's class path(like two in class folder of axis2)
2) config logger in admin-console

add telnet into windows server 2008 R2 dataCenter

pkgmgr /iu:"TelnetClient"

list in perl

we can use the word list operator (qw||) to create lists, and any non-word characters or parentheses to delimit the list, there lists for instance, are identical.

qw|a b c d|
qw/a b c d/
qw[a b c d}

perl variable

to declare a global variable you type $var; or our $var;
and to declare a local variable you type my $var;

go though logback root and appender structures remove an Appender manually

LoggerContext lc = (LoggerContext) LoggerFactory.getILoggerFactory();
//StatusPrinter.print(lc);
List strList = new ArrayList();
    for (ch.qos.logback.classic.Logger log : lc.getLoggerList()) {
      if(log.getLevel() != null || hasAppenders(log)) {
    System.out.println("LOG:" + log.getName());
   
    Iterator> appenders = log.iteratorForAppenders();
    while(appenders.hasNext()){
    Appender ap = appenders.next();
    System.out.println("APPENDER:" + ap.getName());
    }
   
        strList.add(log.getName());
      }
    }

Creating Keystores for the service and the client

while create secure web service,we need pair of keys represented client and server,both side keep their private key in their key store and import other side's public key in their store also.

server side use its private key to assign the message to client and decrypt the message comes from client and use client public key to verify the message from client and encrypt the message send to client.

Creating Keystores for the service and the client

The signing makes sure authentication, integrity and non-repudiation for messages, which are sent between entities. For signing at the senders side the private key is being used and at the receivers side the public key is being used. Therefore, it is required to follow the following steps in order to create two key-pairs for the sender and the receiver and to extract the public key of each entity to exchange between them.

Step 1: Creating a server keystore (server.jks)

keytool -genkey -alias server -keyalg RSA -keysize 1024 -keypass password -keystore server.jks -storepass password

Step 2: Creating the client keystore (client.jks)

keytool -genkey -alias client -keyalg RSA -keysize 1024 -keypass password -keystore client.jks -storepass password

Step 3: Extract (export) server public key/ certificate from the server keystore (server.jks)

keytool -alias server -export -keystore server.jks -storepass password -file tomcatpub.cer

Step 4: Import the extracted public key to client keystore

keytool -import -alias server -file tomcatpub.cer -keystore client.jks -storepass password

Step 5: Extract (export) client public key/ certificate from the client keystore (client.jks)

keytool -alias client -export -keystore client.jks -storepass password -file client.cer

Step 6: Import the extracted public key to server keystore

keytool -import -alias client -file client.cer -keystore server.jks -storepass password

Now both server and client keystores are having public keys of each other and ready for the communication.

rampart configuration users explained

<ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy">
     <ramp:user>service</ramp:user>
     <ramp:encryptionUser>client</ramp:encryptionUser>
     <ramp:userCertAlias>client</ramp:userCertAlias>
</ramp:RampartConfig>

<ramp:user>

This is the user name used to retrieve the password from the CallbackHandler when UsernameToken security policy being configured.

<ramp:userCertAlias>

This is the key alias used to retrive the password of the corresponding private key from the CallbackHandler.

In the absence of this, <ramp:user> is used for the same purpose.

<ramp:encryptionUser>

This is the key alias of the public key used to encrypt the message.