Running Infinity Process Platform Engine in a Web server is just like running a normal Infinity Process Platform client. However, when operating in Spring local mode (as opposed to the remote mode), we have the choice of providing the data source as an application resource just like we have done when deploying to an EJB server. The steps in deploying a Web application are:
You can achieve a pre-packaged carnot.ear or engine jar file via the archetypes provided by Infinity predefined for specific application servers. Refer to the specific application server description in the Application Server Setup part for details on the available archetype.
Note when you like to provide the data source as an application resource, the clients must specify org.eclipse.stardust.engine.api.web.PlainWebServiceFactory as the Client.ServiceFactory property value in your carnot.properties file.
Sometimes it is useful to differ between classes to be used by the engine and client classes. You can set the engine property UseContextClassloader in your carnot.properties file to enable the usage of a ContextClassLoader.
Enter this property in your server-side carnot.properties file and set its value to true:
Carnot.Engine.Classloading.UseContextClassloader = true
Classes used in the WAR-context (e.g. JSF backing beans) must be packaged in a JAR inside the WAR file, whereby classes used in the WAR and EAR must be packaged in a JAR inside the EAR file.
To set up form-based authentication you should extend your web.xml file as
described in the following section. This file resides in your
First set the <welcome-file> to:
<welcome-file-list> <welcome-file>form-based-index.jsp</welcome-file> </welcome-file-list>
To inform the Web container that you want to restrict an area based on an URL pattern, add the following lines:
<security-constraint> <web-resource-collection> <web-resource-name>All</web-resource-name> <url-pattern>*.jsp</url-pattern> <http-method>GET</http-method> <http-method>POST</http-method> </web-resource-collection>
Whereby the tags mean:
First setup security roles for your Web application. Then list the roles who have access to the resource:
<auth-constraint> <role-name>CARNOT</role-name> </auth-constraint> </security-constraint>
Tell the container to use form-based authentication:
<login-config> <auth-method>FORM</auth-method> <realm-name>form-based-login-realm</realm-name> <form-login-config> <form-login-page>/form-based-login.jsp</form-login-page> <form-error-page>/form-based-logout.html</form-error-page> </form-login-config> </login-config>
Now name all the security roles in the Web application:
<security-role> <role-name>CARNOT</role-name> </security-role>
More information is provided in following vendor specific sections on how to
package deployment descriptors, such as web.xml, into the carnot.ear,
Note that if WebLogic has been configured as your Web Application Server, deactivate the KeepAlive option to avoid session timeouts. Refer to section Deactivating the KeepAlive option of chapter WebLogic for details.