Deploying Infinity Process Platform Components to a Web Application Server

Running Infinity Process Platform Engine in a Web server is just like running a normal Infinity Process Platform client. However, when operating in Spring local mode (as opposed to the remote mode), we have the choice of providing the data source as an application resource just like we have done when deploying to an EJB server. The steps in deploying a Web application are:

You can achieve a pre-packaged carnot.ear or engine jar file via the archetypes provided by Infinity predefined for specific application servers. Refer to the specific application server description in the Application Server Setup part for details on the available archetype.

Note when you like to provide the data source as an application resource, the clients must specify org.eclipse.stardust.engine.api.web.PlainWebServiceFactory as the Client.ServiceFactory property value in your carnot.properties file.

Deployment of Custom Classes

Sometimes it is useful to differ between classes to be used by the engine and client classes. You can set the engine property UseContextClassloader in your carnot.properties file to enable the usage of a ContextClassLoader.

Enter this property in your server-side carnot.properties file and set its value to true:

Carnot.Engine.Classloading.UseContextClassloader = true

Classes used in the WAR-context (e.g. JSF backing beans) must be packaged in a JAR inside the WAR file, whereby classes used in the WAR and EAR must be packaged in a JAR inside the EAR file.

Principal Login

To set up form-based authentication you should extend your web.xml file as described in the following section. This file resides in your ipp-portal.war/WEB-INF directory of your Infinity Process Platform installation. The property Security.Authentication.Mode in your carnot.properties file has to be set to principal.

Welcome File-List

First set the <welcome-file> to:

<welcome-file-list>
    <welcome-file>form-based-index.jsp</welcome-file>
</welcome-file-list>

Restrict resources based on a given URL pattern

To inform the Web container that you want to restrict an area based on an URL pattern, add the following lines:

  <security-constraint>
    <web-resource-collection>
      <web-resource-name>All</web-resource-name>
      <url-pattern>*.jsp</url-pattern>
      <http-method>GET</http-method>
      <http-method>POST</http-method>
    </web-resource-collection>

Whereby the tags mean:

Name the security roles that are allowed access to the resources

First setup security roles for your Web application. Then list the roles who have access to the resource:

    <auth-constraint>
      <role-name>CARNOT</role-name>
    </auth-constraint>
  </security-constraint>

FORM-based Authentication

Tell the container to use form-based authentication:

  <login-config>
    <auth-method>FORM</auth-method>
    <realm-name>form-based-login-realm</realm-name>
    <form-login-config>
      <form-login-page>/form-based-login.jsp</form-login-page>
      <form-error-page>/form-based-logout.html</form-error-page>
    </form-login-config>
  </login-config>

Name all of the security roles in the Web application

Now name all the security roles in the Web application:

  <security-role>
    <role-name>CARNOT</role-name>
  </security-role>

More information is provided in following vendor specific sections on how to package deployment descriptors, such as web.xml,  into the carnot.ear, and ipp-portal.war files.

Principal Logic with WebLogic

Note that if WebLogic has been configured as your Web Application Server, deactivate the KeepAlive option to avoid session timeouts. Refer to section Deactivating the KeepAlive option of chapter WebLogic for details.