The Borland Enterprise Server is available in three editions:
Web Edition
VisiBroker Edition
AppServer Edition
Each edition builds upon the tools and services of its predecessor. The most basic is the Web Edition; the most versatile is the AppServer Edition. If desired, you can upgrade from one Edition to another. This release note is applicable to all of these editions.
For information on minimum hardware requirements, certified operating systems, JDKs, and compilers, please refer to the Product Platforms Page.
The following is additional platform information for the VisiBroker Edition:
If you have downloaded the "BES 5.1 Support for BCB6" Release and require VisiBroker debug libraries to perform testing using Borland C++ Builder 6.0, these libraries can downloaded from the Registered Users area found at http://www.borland.com/products/downloads/download_cbuilder.html. Please note: You must be a registered user of C++ Builder 6 to gain access to this download area. C++Builder 6 is registered electronically or by telephone upon first use of the product using the registration wizard in the C++ Builder product.
VisiBroker C++ security depends on the Certicom SSLPlus library. Currently, the 64-bit SSLPlus library is not available. Therefore, the VisiBroker Edition 64-bit port does not provide a C++ security component.
HP-UX kernels are typically underconfigured for real-world
applications, and must be re-tuned. HP-UX 11.0 is configured by
default to allocate only 64 threads to any particular process. The
typical symptom of this configuration problem is that ias
and other process emit errors regarding memory problems or errors
regarding an inability to allocate additional threads. This can be
corrected by reconfiguring the kernel using the SAM
utility. We recommend a minimum configuration of 512 threads per
process. You should test your application under load to the verify
this meets your requirements.
Most scripts in this release use the Korn shell, which must be installed on your system. The pdksh package, which is distributed with Red Hat Linux, is known to work but is not installed by default. To install this file, use this command:
rpm -i package-file
For information on how to install Borland Enterprise Server, please refer to the Installation Guide. If you are upgrading, see Upgrading from previous versions.
There are now two Install Types: Borland Enterprise Server Complete, and Borland VisiBroker Standalone. Borland Enterprise Server Complete installs a BES server, Borland VisiBroker Standalone installs a self-contained VisiBroker installation. The former is used the same way installs have been used in BES 5.0.x. The latter is used to install the VisiBroker ORB or VisiBroker Console without any J2EE components.
The Borland VisiBroker Standalone installation is not to be confused with BES VisiBroker Edition. The former is an install type, the latter licensing purchased for BES. All install types are available with all BES editions.
If you have a previous installation of Borland AppServer or Borland Enterprise Server installed, do not install on top it. Remove the previous version or install Borland Enterprise Server in a separate directory.
Before installing, ensure that you have read and complied with the J2SE Release Notes. In particular, if you are experiencing any JVM failures, ensure that you have met all the OS version and patch requirements.
Borland Enterprise Server licensing technology governs the level of features available. You can upgrade your license at any time. For example, you can upgrade from one edition to another, from an evaluation to development license, or to a runtime license. You can manage your server's license using the Borland Enterprise Server Console.
A fully licensed installation on Unix may emit the following
licensing error message when using tools like idl2cpp or
VBJ.
There is no valid license to run this product or component. Please make sure that a license enabling this product or component is installed correctly and it has not yet expired.
These tools require access to appropriate environment variables.
Prior to running these tools, use the vbroker.csh (for
C-Shell) or vbroker.sh (for Bourne and Korn Shell, bash)
scripts in the installation's bin directory to set up
the appropriate environment variables. Buildling the examples
requires invoking a number of these tools; if you wish to compile the
examples on Unix or Linux, you must invoke the setup scripts first.
This behavior is as designed.
When an appropriate license is presented to the Borland Enterprise Server, client license Serial Numbers and Activation Keys are generated automatically. You can find the Serial Number and Activation Key in the file:
<your_install_root>/var/servers/<your_server_name>/adm/client.license
To run the Borland Enterprise Server, navigate to its
binsubdirectory and type ias. In Windows,
choose Start|Programs|Borland Enterprise Server. Refer
to the User's Guide for more detailed information.
To use the Java-based Console, navigate to your installation's bin
directory and type console. The Console allows you to
browse, control, and configure the server, as well as deploy
applications to it. In Windows, choose Start|Programs|Borland
Enterprise Server|Console. Refer to the User's Guide for
more detailed information.
When the Console starts, a Login dialog appears. All servers are
installed with a default user named admin. The password
for this user is admin as well.
Security is disabled by default for the user domain on partitions in the Borland Enterprise Server. To enable security on a partition, launch the Console and locate your partition. Right-click and select configure. In the Security tab, check the security enabled box. When prompted for a restart, restart the partition.
In previous releases the BES management was two tiers, the console and the server. BES 5.1 introduces a 3-tier management system that includes a management hub server, a management agent and the console. The console functionality of the 5.0 release is unchanged. Use of the BMS is optional.
The management system simplifies the creation and management of clusters. Hosts that you want to manage using the BMS need only to have the BMS agent started. Using it you can manage; start, stop, etc, all the components of the BES using new features in the console.
Included in this release is a version of Petstore that you can deploy to a BES cluster using the BMS system. There is a detailed tutorial walk-through of the steps of deploying Petstore to a BES cluster. The Petstore tutorial will be continually updated and improved and will serve as basis for examples of how to exploit the features of the BES. Please visit http://www.borland.com/techpubs/bes for updates. See known issues before deploying the example on the CD.
The following fixes were made in response to reported problems in previous releases, and have been resolved in 5.1. Each fix is preceded by its bug number.
30527: Apache & osagent will consume 100% of cpu if SSL enabled on partition.
30596: M:N SQL Alias missing from self join.
30635: LDAPLoginModule requires fully qualified distinguished names.
30659: iastool -genstubs handling of '-' values in java2iiop arg is incorrect.
31229: ZipException thrown during stub generation if libraries within a WAR within an EAR contain stubs.
30815: Infinite loop when allocating space in a JDataStore database.
31907, 30673: JBuilder 7/BES integration update.
33539: The VisiConnect example does not work .
30615: Container throwing IllegalStateException and OutOfMemoryError error.
The following sections detail the J2SE requirements for Borland Enterpise Server. The J2SE versions reference below are the only versions certified for use with Borland Enterprise Server.
It is vitally important that you read the Release Notes and/or Readme that accompany the version of Java you use with Borland Enterprise Server. In particular, pay special attention to the sections that detail Operating System patches that must be applied. Failure to do this WILL lead to unpredictable Java VM crashes.
J2SE 1.3.1_04 is installed as part of the Borland Enterprise Server on Windows and Linux. You can read the Release Notes on Sun's web site.
J2SE 1.3.1_01 is installed as part of the Borland Enterprise Server on Solaris. You can read the Release Notes on Sun's web site.
PSA is mainly a programming model and a software component that works on top of OMG standardized notification service. PSA supports a high level programming model very similar to POA model. Developing CORBA publish/subscribe applications using PSA is as easy as and similar to developing client/server application under POA. PSA provides an intuitive high level object abstraction, de-couples orthogonal logic/objects, giving the flexibility to change object or logic implementations independently. For instance, in PSA, changing a typed consumer from using push to using pull requires no change on message receiving code but only a flag change on subscribe.
PSA can be used on top of third party OMG Notification Service implementations and it is also interoperable with applications directly built on top of low level OMG notification service interfaces.
Native Messaging provides an intuitive and powerful framework for performing non blocking and asynchronous method invocations in CORBA/J2EE environments. VisiBroker Native Messaging support is available to all of VisiBroker ORB and J2EE (1.3 and up) environments including C++, Java, RMI/EJB and Delphi. Also, VisiBroker Native Messaging is based on an open IDL interface and the standardized IIOP, therefore, it can be readily used by applications built on top of other non-VisiBroker ORBs, older versions of VisiBroker ORB (3.x, 4.x) and RMI-over-IIOP compliant J2EE environment, which makes VisiBroker Native Messaging an interoperable and portable solution.
Please take note that VisiBroker Native Messaging is based on an evolving technology. In this release it is provided as a Technology preview for demonstration purposes only. It will be made completely available in the future versions of the product.
stdout or stderr._is_a", "_non_existent", and "_get_interface_def".
OAD started servers that write to standard output or to standard error will experience improvement in performance.
Context, ContextFactory, Cluster and
ClusterManager object types.The current->begin() command will now validate the cache transaction factory
ior to be a valid one, else a bind() will be executed again. However, if the
command line has currentName value then the check will be omitted.
vbroker.orb.closeConnTimeout: This is a server side property and is used
to set a timeout on sending a GIOP "CloseConnectionMessage". Value is specified
in milli seconds, default is 0.vbroker.notify.channel.codeset: The VisiBroker Notification Service forces
codesets to be turned on. To turn it off, set it to false. Note that setting
this property to TRUE/FALSE sets the following properties TRUE/FALSE : vbroker.orb.embedCodeset
and vbroker.orb.enableCapabilities. Default value is true.vbroker.orb.localhost: Use this property to specify the default localhost
at the orb level. This is useful in multi-homed hosts. It is overridden by
server-engine specific properties such as vbroker.se.iiop_tp.host.vbroker.agent.rebindIfBind: If set to true, this property allows a rebind
via osagent if and only if the bind was via osagent in the first place. If
set to false, rebind can occur via osagent irrespective of the bind procedure.
The default value of this property (i.e., false) is deprecated, and future
releases will set this property to true by default.vbroker.naming.CacheSize: This property is no longer effective.vbroker.orb.backCompatAlign: This property is false by default. Use this
property when the IDL contains a longlong as a parameter or return value.
To be backward compatible with vbj 411 and 3x, it should be set to true.To upgrade from Borland Enterprise Server 5.0.1 or 5.0.2, do not install on top of the previous installation. Install in a separate directory or uninstall your previous version first. You may then redeploy your applications to Borland Enterprise Server 5.1.
To upgrade from Borland Enterprise Server 5.0.0, do not install on top of the previous installation. Install in a separate directory or uninstall your previous version first. You may then redeploy your applications to Borland Enterprise Server 5.1.
NOTE: Borland Enterprise Server 5.1 is not interoperable with the 5.0.0 version due to fixes for bugs relating to compliance to specifications. Therefore, all installations of the 5.0.0 version that interact with one another must be upgraded simultaneously.
To upgrade from Borland AppServer 4.5, do not install on top of the previous installation. Install in a separate directory or uninstall your previous version first. You may then migrate your applications from BAS 4.5 to Borland Enterprise Server 5.1.
The Borland VisiBroker Object Request Broker (ORB) now combines the Java and C++ packages into a single installation. It has been necessary to synchronize some of the features and behaviors of the Java and C++ ORBs as a result. This section details the changes in the Gatekeeper, the VisiBroker ORB in general, and the Naming Service utility.
By default, the Security Service is turned off in Gatekeeper; this means that the Gatekeeper will function as expected in VBJ4.5.x with added features. To enable Security Service in Gatekeeper, use:
vbroker.security.disable=false
There is no need to explicitly load the following services using the vbroker.orb.dynamicLib property in the Gatekeeper:
com.inprise.security.Init
com.inprise.vbroker.gatekeeper.ssl.Init
com.inprise.security.hiops.Init
The Security Service is already integrated with Gatekeeper. When Security is enabled, the required services are loaded. Specific listener ports can then be specified.
A new property, vbroker.gatekeeper.load.balancer, has been added
to allow Master-only role of the Gatekeeper in the Master/Slave configuration
scenario for Load-Balancing. In addition, the following load-balancing enhancements
have been made:
PassThru connections can be constrained for a given range of ports on the firewall.
Supports VisiBroker 3.x style callback functionality. VisiBroker 3.x, 4.x and BiDir style callback functionality is available simultaneously.
SSL ports can be mentioned in the server-side TCP firewall configuration.
Due to changes in the behavior of the AppletViewer, the vbroker.orb.gatekeeper.ior
property needs to assign proper values for HTML files containing applets.
The following list details enhancements and/or alterations made to the Security service for this release:
The LDAPLoginModule has been enhanced with usability and functionality improvements. It now provides a more flexible and customizable usage model. Please see the security FAQ for usage details.
Added a new command line option for transaction service. - vbroker.ots.iorFile: this option takes in a file name whereby the IOR of the transaction service will be written into. If this option is not given or filename given by this option is not accessible, then the IOR of the transaction service will be written to STDOUT.
AppServer Edition is J2EE 1.3 compatible. Existing J2EE 1.2 applications can be deployed to a partition. The console also provides tools to assist you in migrating these applications to J2EE 1.3.
Some individual 4.5.1 utilities such as GenerateJar,
DSDeploy and com.inprise.ejb.util.Verify
have been removed from the product. Equivalent functionality has been
consolidated in the Console and iastool command-line
utilities.
Visibroker is fully backward compatible with Visibroker 3.x, 4.0.1, 4.1.1. For Visibroker to be fully backward compatible with Visibroker 4.5.x, it is recommended that you update your Visibroker 4.5 and 4.5.1 installations with the Visibroker 4.5.1 Patch 8 or later. Please note that VisiBroker is not binary compatible with previous VisiBroker releases. As VBC 5.1 uses codeset by default, it is not out of the box backward compatible with earlier versions of VisiBroker that does not have codeset component in their IOR. To be backward compatible with such earlier versions of the product, the application is required to turn off codesets explicitly.
The back-compatability property vbroker.orb.enableVB4backcompat
is set to false by default. The default is acceptable unless you are using the
Gatekeeper. If your server implementation includes the Gatekeeper, this property
must be set to true on both the application server and the Gatekeeper implementation.
Visibroker will interoperate with a foreign ORB using the default value of false
for the vbroker.orb.enableVB4backcompat property.
The VBC 5.1 property flags vbroker.orb.enableCapabilities and vbroker.orb.embedCodeset
are now set to true by default. Applications that don't require GIOP 1.2 wchar/wstring
should set these flags to false.
Support for Portable Interceptors and the coexistence of 4.x interceptors and 3.x interceptors is provided through a 4.x migration layer.
For a VBC++ server to interoperate using GIOP1.2 wchar/wstring, the following properties must be set:
vbroker.orb.enableCapabilities = true
vbroker.orb.embedCodeset = true
-Dvbroker.orb.dynamicLibs=com.visigenic.services.CosTranscations.TSServiceLoader.
This class is package in asrt.jar. If you are using InpriseDriver, replace
com.inprise.its.jdbcDirect.InpriseDriver with com.inprise.visitransact.jdbc1x.InpriseDriver.
In this version, the property file read in by -ORBpropStorage switch will
have to be end with a complete line, else the last property in the file will
not be read.
The following changes have been made to the Security implementation that affect back-compatability:
SecurityLevel1 and SecurityLevel2 Current APIs are no longer available.
X509ExtensionImpl as
a mechanism for checking extensions is not supported. Add your own
TrustManager using the setTrustManager() API. It is
recommended that you delegate back to the built-in Trust Manager to
perform the basic validation prior to checking extensions.
All of the SSLCurrent
and com.inprise.security.CORBAsec.Current APIs are
unchanged.
PeerAuthentication mode,
while available, is deprecated. To maintain compatibility with
future releases, refrain from using any PeerAuthenticationMode
other than NONE, REQUEST_AND_TRUST or
REQUIRE_AND_TRUST.
AuthenticateDelegatedUPIdentity
property currently does not work.
CustomDB and RemoteDB types are still supported as Password backends. FileDB and HostDB are no longer supported. Use the appropriate LoginModules instead.
Do NOT deploy the petstore_admin_opc.ear and the supplier.ear on the CD. Go to to pick up the latest of these files. Without these ears you will not be able to use Petstore administration component. However, you will be able to shop and buy pets. If you do deploy them they will have red-X's indicating they did not start. If you hit the Submit button to make a purchase the managed partition may consume up to 200MB of ram and over 1700 threads. You will have to kill the ias and partition process using the process manager. Please visit http://www.borland.com/techpubs/bes for updates.
Changing real and effective user ID when running the Borland Enterprise Server is not supported. This impacts the server's ability to run as user root. To support running as user root on Linux, you must edit the server.properties file and the partition.properties file to remove or comment out the properties 'server.user' and 'server.group'. Failing to remove these properties from your configuration file will cause the server to hang on Linux. This is due to a limitation of the threading model on Linux.
The LinuxThreads implemenation has known problems properly handling terminal generated signals. You should use either built-in shell commands such as kill or /bin/kill to signal the Borland Enterprise Server. The Console or iastool can also be used to control the server and its components. The Management Hub and Management Agent should be signalled using kill or /bin/kill, as in the case of the Borland Enterprise Server.
Linux has experienced occasional Java VM failures during process shutdown.
Linux servers under significant load sometimes have difficutly shutting down cleanly. The Borland Enterprise Server can be tuned to affect how its components are stopped. The properties files listed here contain properties named *.shutdown.check.*. Please read the properties files for details.
<your_install_root>/var/servers/<your_server_name>/adm/properties/paritions/<your_partition_name>/parition.properties <your_install_root>/var/servers/<your_server_name>/adm/properties/services/apache2_0/apache2_0.properties <your_install_root>/var/servers/<your_server_name>/adm/properties/services/sonicmq/sonicmq.properties
The Apache web server emits a corefile on shutdown due to an imcompatability between the apache pooled memory manager and that employed by the C++ runtime. This issue does not have an adverse effect on Apache's runtime behavior.
A BES server created using the Console's Cluster Creation Wizard or Apache Creation Wizard may not start in a heterogenous network because of the following issue. Such a server will use the VM type (e.g., server, client,...) that is the default type for the platform that the Management Hub is running on. For instance, if the Management Hub is running on an HP machine, the VM type will be server. However, the only VM type supported on AIX is jvmdefault. This can be corrected after the server has been created by setting the server's vmtype property in the file <your_install_root>/var/servers/<server_name>/adm/properties/server.config to jvmdefault.
The following known issues are germane to the VisiBroker ORB implementation provided with Borland Enterprise Server.
4.x Server Request Interceptors:
To allow co-existence of 4x and PI
interceptors in the same chain, postinvoke_postmarshal()
is now called after servantLocator.postinvoke().
Exceptions thrown from
postinvoke_postmarshal() are now ignored.
If an exception is thrown from the
servant implementation, postinvoke_premarshal()
followed by postinvoke_postmarshal() are called instead
of exception_occurred(), which is reserved for in-chain
exceptions.
In colocated DII cases, both the 4.x client and the server request interceptors are invoked. This is a change from VBC 4.x, where only client request interceptors are invoked.
PI Request Interceptors are not invoked in colocated stub cases. They are invoked in colocated DII cases.
PI limitations for ClientRequestInfo:
arguments():
available for DII only
exceptions():
available for DII only
contexts(): available
for DII only
operation_context():
not available, CORBA::NO_RESOURCES thrown
result(): available
for DII only
received_exception(): available only if typecode
info is available (e.g. IDL is compiled with -typecode_info and
linked into program), otherwise CORBA::UNKNOWN is always returned.
PI limitations for ServerRequestInfo:
arguments():
available for DSI only
exceptions(),
contexts(), operation_context(): not
available, CORBA::NO_RESOURCES thrown
result(): available
for DSI only
sending_exception(): same as for
received_exception() above.
When client and server are colocated, Portable Interceptors are only fired for dynamic invocations. For static stubs, no PI is fired. There is no change in behavior of VisiBroker for Java 4.x interceptors; this means that they do not get fired for either dynamic or static colocated invocations.
The com.inprise.vbroker.PortableInterceptor.SystemExceptionHelper
class provides the methods insert and extract
to insert and extract System Exceptions into and out of an Any
respectively. These are static methods and have the following
signatures:
public static void insert
(final org.omg.CORBA.Any any, final org.omg.CORBA.SystemException
se);
public static org.omg.CORBA.SystemException extract
(final org.omg.CORBA.Any any);
PI limitations for ClientRequestInfo:
arguments(),
result(), exceptions(), contexts(),
and operation_contexts() are only available for DII
invocations.
received_exception() and received_exception_id()
will always return a CORBA::UNKNOWN exception and its
respective repository id if a user exception is thrown by the
application.
PI limitations for ServerRequestInfo:
exceptions() does not
return any value; it will raise a CORBA::NO_RESOUCES
exception in both dynamic invocations and static stub based
invocation.
contexts() returns
the list of contexts that are available during operation invocation.
sending_exception()
returns the correct user exception only in the case of dynamic
invocation (provided the user exception can be inserted into an Any
or its TypeCode info is available).
arguments(), result(), contexts(),
and operation_contexts() are only available for DSI
invocations.
In VisiBroker C++, the ORB will use whichever thread is calling
orb-run() or orb-perform_work() to deliver
requests to the servant. In order to conform to OMG specifications,
it is up to the application to make the above calls only with the
main thread if they have main thread POAs.
In VisiBroker Java, the Java ORB includes main thread related
options. See the vbroker.orb.mtmPerCall property in the
document addendum for
details.
On Windows 2000, due to a potential bug in license manager (LM),
an error may occur in the VisiBroker C++ application with this
message: The application failed to initialized properly
(0xc0000005). Click OK to terminate the application. To
workaround this problem, use either short or quote ("")
qualified folder names for the USERPROFILE environment
variable. For example, c:\"Documents and
Settings"\Administrator.
Due to bug 4500124 in JDK 1.3.x, a VisiBroker Java server with
connectionMax value set may start throwing marshalling
exceptions under heavy load. Sun has resolved this bug and will make
it available in next JDK 1.3.1 patch release (1.3.1_02) due in
December 2001.
When using Sun's J2SE 1.3.1 on Linux, the Client application may
hang in com.inprise.vbroker.orb.SocketSCM.shutdown()
while exiting. This is due to bug 4344135 in the JVM. To workaround
this problem, set the J2SE_PREEMPTCLOSE environment
variable to 1 when running the application. That is,
J2SE_PREEMPTCLOSE=1 export J2SE_PREEMPTCLOSE
See the J2SE 1.3 release notes from Sun Microsystems for more information.
offer_change() and subscription_change() are not supported. Calling them
on VisiNotify's admin object cause no effect. Neither, channel will callback
them on a connected supplier or consumer.get_typed_consumer() on a typed proxy
can be narrowed down to any interfaces. is_a() call on <I>
interface always return TRUE. This is to allow the application to use proxy
key as a mechanism to create multiple logical channels within a physical typed
channel. To disable the weak type feature, restart the visinotify with -Dvbroker.notify.channel.weakType=false
.the_properties" parameter of PSA's subscribe()/publish() methods is
reserved for future releases. It does not provide any function in this release.async_dispatch" parameter of PSA's pull_and_dispatch() method is reserved
for next release. It does not provide any function in this release.Naming Service JDBC Adapter support for Clustered Naming Service feature has a few constraints for databases as stated below:
JdataStore
To handle the wait time of the locks held by the transaction in the jdatastore backend, vbroker.naming.lockWaitTime property needs to be set interms of milliseconds.The default value is 10000ms.Interbase
If the following error is encountered when using Interbase, please use InterClient 2.5 to solve the problem.
java.lang.VerifyError: (class:interbase/interclient/ErrorKey, method: _$372 signature: (Ljava/lang/String;Ljava/lang/String;I)V) Expecting to find uninitialized object on stack.
To workaround a Transaction setting problem in case of clustered naming services, transaction level is not set for the initial naming service startup
Sybase
Original tables vbins_ctx_tbl, vbins_graph_tbl, vbins_meta_tbl, vbins_cluster_tbl
should be dropped manually as it is not possible to drop all the tables in a
single transaction without committing each statement.
To get DatabaseMetaData information from Sybase which is required for the current
naming service implementation, upon installing a version of jConnect, install
the script, ASE - sql server.sql, ASA - sql anywhere.sql. This script may be
found in $JDBC_HOME/sp and may be installed using any flavor of isql by using
the command:
isql -i <sql_server.sql/sql_anywhere.sql> -U<username> -P<password> -S<servername>
</code>examples/vbe/interceptors/event_queue_cpp.html.
Please read "SampleConnEventLoader.h" as "SampleServerLoader.h" and "SampleConnEventImpl.h"
as "ConnEventListenerImpl.h".
The following known issues pertain to Borland Enterprise Server's security implementation:
The CmdLineCallbackHandler
and the HostCallbackHandler expect a choice index
rather than the text for a choice callback.
setPKprincipal will
not work when pkcs12 is the default keystore type.
POA will be initialized with a
TrustManager and Identity at the time of
the creation of the rootPOA.
Global setting of ServerQoPConfig
will not be applied for POAs already created. This can happen when
the POAs are created at post_init() of ORBInitializers
or init_completed() of ServiceLoaders.
CertificateWallet has the following constructors
which are not documented:
// Load an X509CertificateChain w/ a PKCS8 DER encoded private key
public CertificateWallet (String alias, java.security.cert.X509Certificate[] chain,
byte[] pkcs8DEREncodedPrivateKey, char[] password);
// Create a wallet using a Keystore. This expects one certificate in
// the keystore and expects the private key password to be passed in.
public CertificateWallet (KeyStore ks, char[] keyPassword);
// Using Java native certificate and private key objects
public CertificateWallet (String alias, java.security.cert.X509Certificate[] chain,
java.security.PrivateKey key, char[] password)
// Certificate chain
public CertificateWallet(X509Certificate[] chain);
// PKCS #12 Certificate. This assumes the private key password is the
// same as the certificate file password
public CertificateWallet (byte[] pkcs12DERbytes, char[] password)
// Keystore file name based
public CertificateWallet (String fileName, char[] filePassword,
String alias, char[] password)
PEM and unencrypted RSA private keys are not supported yet.
The security service cannot support clients with U/P and clients with Public Key simultaneously on one server socket. When transport level trust-in-client is enabled, clients must have a certificate, even if they want only U/P identities. U/P identities will take precedence. This is due to a JSSE limitation that will be fixed with J2SE 1.4.
All entries in the System configuration for JAAS should have a REALM attribute identifying the realm. Otherwise, the LoginModules will fail with "Unknown or no callback handler" when logging in with wallets.
Adding custom login modules are not supported yet.
Asserting a certificate identity between two servers where one of them is 5.0.1 or 5.0.2 will not work, update the 5.0.x install with the 5.1 vbsec.jar to fix the problem
On Solaris machines which have locales other than English, the installer may fail. If you see this stack trace, this is likely the problem:
Invocation of this Java Application has caused an InvocationTargetException. This application will now exit. (LAX)
Stack Trace:
java.lang.NoClassDefFoundError: sun/awt/motif/CharToByteX11JIS0208 at sun.awt.motif.MFontPeer.getFontCharset(MFontPeer.java:85) at sun.awt.PlatformFont.(PlatformFont.java:94) at sun.awt.motif.MFontPeer.(MFontPeer.java:61) at sun.awt.motif.MToolkit.getFontPeer(MToolkit.java:195) at java.awt.Font.initializeFont(Font.java:106) at java.awt.Font.(Font.java:121) at sun.awt.motif.MFramePeer.(MFramePeer.java:77) at sun.awt.motif.MToolkit.createFrame(MToolkit.java:121) at java.awt.Frame.addNotify(Frame.java:203) at com.zerog.ia.installer.Main.b(Unknown Source) at com.zerog.ia.installer.Main.main(Unknown Source) at com.zerog.lax.LAX.launch(Unknown Source) at com.zerog.lax.LAX.main(Unknown Source)
The workaround is to unset your LANG environment variable.
The installer uses the temp directory as set in the system properties to unpack its contents. If this temp directory does not have enough available space to do this, you will not be able to install Borland Enterprise Server
In such situations, you can workaround a shortage of space in the system temp directory by:
C:\> set IATEMPDIR=e:\space #Windows $ export IATEMPDIR=/export/space #Unix ksh % setenv IATEMPDIR /export/space #Unix csh
iaschangeowner
to set up the server to run as appropriate user:iaschangeowner -r <install_dir> -s <server_name> -o <owner> -g <group>
iaschangeowner options.
chmod 777 <install_dir>/var/servers
chown -R <owner <bes_install_dir>/SonicMQ
Install VMs are now bundled with the installers for AIX and HPUX. However, at this time JDKs are not installed with Borland Enterprise Server for AIX and HPUX. As such, during installation, the dialog for choosing a JDK for use with a AIX or HPUX install of Borland Enterprise Server will by default pick up the VM bundled with the installer as the default JDK path. For example, on a HPUX system:
Do not select this VM as the JDK for your installation of Borland Enterprise Server, as it will be deleted from the system temp directory as soon as installation is finished. Select a full JDK installation on your host, and proceed with Borland Enterprise Server installation using this JDK. For example, on a HPUX system:
To install Borland Enterprise Server as a root user on a NFS mounted filesystem, you must run the installer as the NIS server's root user, not the local host's root user. Installing any product as the local root user onto a NFS filesystem is an attempt to violate NIS security, and will result in the installed files having nobody/nobody ownership.
It is highly recommended that you do not install Borland Enterprise Server onto an NFS mounted volume. Doing so will degrade server performance, due to the overhead added by the network calls made for NFS file access. You will get best results running Borland Enterprise Server on a filesystem local to the host on which the server is running.
The installer for Borland Enterprise Server also installs and configures SonicMQ.
The following known issues pertain to Borland Enterprise Server's SonicMQ installation:
SonicMQ may silently fail to install, and the Borland Enterprise
Server installer may not report this failure. To verify this problem,
check the file <install_root>/SonicMQ/silent.log. If
it contains:
--------------------------------
Install started on Mon Nov 19 13:23:43 PST 2001
ERROR: in Configuration Process!: Mon Nov 19 13:23:50 PST 2001
Configuration directory missing. Mon Nov 19 13:23:50 PST 2001
ERROR: Installation encountered errors. Mon Nov 19 13:23:50 PST 2001this may be the cause. You may also see
Exception in thread "main" java.lang.NoClassDefFoundError: progress/message/tools/IBrokerManagerListener
at java.lang.ClassLoader.defineClass0(Native Method)
at java.lang.ClassLoader.defineClass(ClassLoader.java:486)
at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:111)To correct the problem, take these steps.
Uninstall Borland Enterprise Server.
Make sure you have sufficient
temporary space in your home directory. On Unix and Linux, your home
directory is used for temporary space. On Windows platforms, your
user profile directory is used. This is typically on the same drive
as the system root, and the value is typically contained in the
environment variable %USERPROFILE%.
Reinstall Borland Enterprise Server .
Verify SonicMQ installation, either run the server or, check
<install_root>/SonicMQ/silent.log
SonicMQ uses a text file named vpd.properties to help manage multiple installations. The installation will create this file in your home directory on Unix and Linux and in your system directory on Windows systems. We do not recommend you delete or modify this file if you plan on have multiple SonicMQ installations.
The SonicMQ installer will leave temporary files and directories in your home directory on Unix and Linux, or in your user profile directory on NT. These directories typically have a name with a pattern like 'ismp*'. These directories may safely be deleted after installation.
On AIX, SonicMQ needs be installed as a root user. However, a non-root user can not start SonicMQ broker from BES Console.
To correct the problem, please take the following steps as a root user.
prompt> cd
<bes_install_dir>
prompt> chown -R <username> SonicMQ
The Apache IIOP connector has been
rewritten for the 5.1 release. What was formerly referred to as
mod_webapp is now implemented as mod_iiop.
The IIS variant of the IIOP
Connector (iisredir.dll) has been formally released
with 5.1.
On Unix platforms, all Apache modules are loaded by default.
You may load the modules you want by editing httpd.conf.
There is a known usage issue with the iiop connector and using
corbaloc strings as webcontainer_ids. If a corbaloc
string contains a hostname end-point that does not resolve to a valid
ip-address, then the iiop connector will be unable to use the
webcontainer_id. It will be rejected by the underlying
visibroker orb with a CORBA::BAD_PARAM exception.
One approach to avoiding this issue, is to emloy ip-addresses in the corbaloc string, instead of hostnames, though, if care is taken to verify hostnames when the webcontainer_id is set up, then the chance of this problem occuring is significantly reduced e.g:
webcontainer_id=corbaloc::192.20.34.10,:129.20.34.12/tc_inst1
Note: The above issue applies to both the Apache iiop connector and the IIS redirector.
When WSDL is requested on MDBQService in a browser through a
URL like http://localhost:8080/axis/services/MDBQService?wsdl,
you get the following error:
No 'className' option was configured for the service 'MDBQService'
An EJB jar with CMP2.0 entity
beans that persist to a mixture of datasources (like the ejb\perf
example) may require actual connectivity to all databases even
though only one is accessed at runtime. This is due to the current
model for initializing the PM for execution of finder queries where
all referred datasources are inspected at init time.
CMP2.0 automatic table creation may not work when the JDBC configuration requires XA datasource types.
Two ways to deploy a Connector to the serial context jndi provider:
Implement
javax.resource.Referenceable in the ConnectionFactory
- the ConnectionFactory class must implement
getReference() and setReference(), and
the Connector must include an ObjectFactory class for
the ConnectionFactory implementing
getObjectReference(). See the Local Connectors in the
VisiConnect example for examples of implementing
javax.resource.Referenceable in a ConnectionFactory
(JdbcDataSource.java and JdbcDataSourceFactory.java.
Package a jndi-definitions.xml
or a DAR defining the ConnectionFactory in the RAR,
and do not implement javax.resource.Referenceable
in the ConnectionFactory.
Deploying a Connection packaging jndi-definitions.xml or a DAR:
Module verification must be
turned off for both the Console/Iastool and the target Partition
when deploying a RAR with a bundled jndi-definitions.xml.
This is not needed when deploying a RAR with a bundled DAR.
During deployment of such RARs the following output will be produced by VisiConnect:
PartitionService: connectionfactory [serial://eis/whitebox-xa] has already been deployed to the serial jndi naming context as a jdbc datasource // ...
This is not an error or an exception. VisiConnect is
reporting that it found the serial://eis-whitebox-xa
ConnectionFactory to have already been deployed to the
serial jndi naming context, by way of jndi-definitions.xml
or DAR.
Server discovery can hang in certain configurations:
Discovery will hang if a server's management security is disabled, the management SSL listener port is set to a non-zero value, and the iiop listener port is set to 0. Please see the FAQ entitled "Server Discovery" for a complete description of discovery configuration options.
EJB Designer does not correctly support JDBC2 datasource properties.
You must set any JDBC2 datasource properties within a DAR module. Do not use the EJB Designer for setting these properties.
EJB Designer can corrupt JDBC2 datasources in DARs and jndi-definitions.xml.
As a workaround, keep copies of DARs outside any EARs containing EJB JARs. After using the EJB Designer within the EAR, restore all referenced DARs by copying them back into the EAR.
Renaming datasources in EJB Designer can be confusing.
The EJB Designer displays the datasource name in a tree node in the tree displayed in the lower left corner of DDEditor. For space reasons, the prefix 'serial://datasources/' is omitted. If you wish to edit that name, you may right click on that node, and select rename. When entering the new name, you should NOT include that prefix - only the remaining name information. The prefix will automatically be prepended to the name you enter.
When creating new deployment descriptors, EJB Designer will not allow the user to rename a bean or use the Classes/Packages button.
These functions are not currently supported.
DDEditor does not save edits of an EJB JAR after adding it to an EAR.
After adding an EJB JAR to an EAR, save the EAR, close the EAR, then reopen it in the DDEditor. You may then edit the EJB EAR. Failing to do this will result in loss of any edits made after adding the JAR.
DDEditor may unexpectedly remove XML elements describing the onMessage method and its parameters, for a message-driven bean.
Many J2EE examples (e.g. PetStore) include deployment descriptors for message-driven beans that fully define the onMessage method for that bean, as well as onMessage method parameters. These definitions are not required, and DDEditor will indicate this by displaying those elements in red. Acting on them in DDEditor will cause them to be removed from the file. This is correct behavior, and will not affect application function, but may be surprising to the user. The XML elements in question are <method>, <method-params> and <method-param>.
Configuration of authorization domains for partitions.
The definition and configuration of authorization domains for partitions has been enhanced by adding a GUI interface to assist rolemap definition/configuration. Some bugs exist in this implementation that can lead to confusion. This topic will be fully described in an additional Security FAQ to be available in early August 2002. When complete, this document will include a link to that FAQ. Prior to that, please contact support for assistance in this area.
The product provides mechanisms for printing version information for the binaries and libraries included in this release. In general use the executable vbver followed by the file to query version information.
For example vbver ias.exe prints:
Information for: ias.exe Product Name: Borland Enterprise Server Version: 05.01.00.C1.11 Copyright: (C) 1996, 2001 Company: Borland Software Corporation Build Date: 07/24/2002 07:58:48
Similarly, vbver vbjorb.jar prints:
Information for: ..\lib\vbjorb.jar Product Name: VisiBroker Developer for Java Version: 05.01.00.C1.10 Copyright: (C) 1996-2001 Company: Borland Software Corp. Build Date: 07/13/2002 13:51:22
To obtain version information for the utilities (such as idl2java, irep, idl2ir, etc.), pass the -version argument to the utility.
You must take the following steps when uninstalling Borland
Enterprise Server to make sure SonicMQ is uninstalled
properly.
(Note: This procedure is not
required if the installation is a Visibroker Standalone
Installation.)
Uninstall SonicMQ, using SonicMQ's
uninstaller. You can access the Windows uninstaller through the
Programs Menu or using the batch file
<install_root>/SonicMQ/uninstall.bat. You can
access the Unix or Linux uninstaller using the shell scripts
<install_root>/SonicMQ/uinstall.sh. The SonicMQ
uninstaller will prompt you about deleting a large number of files.
It is safe to say yes to all these requests.
Uninstall Borland Enterprise
Server. The uninstaller is available at
<install_root/UninstallerData/uninstall.exe on
Windows and <install_root>/UninstallerData/uninstall
on Unix and Linux.
It is safe to delete all remaining files under
<install_root>/