JBoss EAP 6.1部署SSO

原来开发时，SSO的war是部署在Tomcat上，现在需要迁移到JBoss。

JBoss在Linux上的安装很简单，直接解压即可运行。

因为项目使用的是JDK7，先安装JDK7.

1.安装JDK7

tar zxvf jdk-7u45-linux-x64.gz -C /usr/lib/jvm

vim ~/.bashrc
add:
export JAVA_HOME=/usr/lib/jvm/jdk1.7.0_45  
export JRE_HOME=${JAVA_HOME}/jre  
export CLASSPATH=.:${JAVA_HOME}/lib:${JRE_HOME}/lib  
export PATH=${JAVA_HOME}/bin:$PATH

source ~/.bashrc

2.   安装JBoss

unzip jboss zip文件
export JBOSS_HOME=/usr/local/jboss-eap-6.1

3. 修改standalone.xml文件，绑定主机名或IP，以便远程登录Web Console

    <interfaces>
        <interface name="management">
            <inet-address value="${jboss.bind.address.management:192.168.1.18}"/>
        </interface>
        <interface name="public">
            <inet-address value="${jboss.bind.address:192.168.1.18}"/>
        </interface>
        <!-- TODO - only show this if the jacorb subsystem is added  -->
        <interface name="unsecure">
            <inet-address value="${jboss.bind.address.unsecure:192.168.1.18}"/>
        </interface>
        <interface name="ipv4">
            <any-ipv4-address/>
        </interface>        
    </interfaces>

4. 添加管理用户sso

./add-user.sh

5. 生成JBoss服务器的证书

5.1.创建keyPair

keytool -genkey -alias jbosskey -keyalg RSA -keysize 1024 -keystore server.keystore -validity 365 -keypass changeit -storepass changeit -dname "cn=cas.xxxx.cn, ou=XXXX, o=XXX, L=Shenzhen, st=Guangdong, c=CN"

5.2.导出公钥并导入到信任证书库

keytool -export -trustcacerts -alias jbosskey -keypass changeit -storepass changeit -file server.crt -keystore server.keystore
keytool -importcert -trustcacerts -alias jbosscert -keypass changeit -storepass changeit -file server.crt -keystore server.keystore

5.3.查看证书

keytool -list -keystore server.keystore -storepass changeit

6.  修改standalone.xml文件,增加SSL连接配置
        <subsystem xmlns="urn:jboss:domain:web:1.4" default-virtual-server="cas.xxxx.cn" native="false">
            <connector name="http" protocol="HTTP/1.1" scheme="http" socket-binding="http"/>
            <connector name="https" protocol="HTTP/1.1" scheme="https" socket-binding="https" secure="true">
                <ssl key-alias="jbosskey" password="changeit" certificate-key-file="${jboss.server.config.dir}/server.keystore" protocol="TLSv1" verify-client="false" ca-certificate-file="${jboss.server.config.dir}/server.keystore"/>
            </connector>
            <virtual-server name="cas.szse.cn" enable-welcome-root="true">
                <alias name="localhost"/>
                <alias name="cas.xxxx.cn"/>
            </virtual-server>
        </subsystem>

7. 部署使用 jboss-cli 或者 web console(http://ip:9990/console)
cd /usr/local/jboss-eap-6.1/bin
./jboss-cli.sh
connect 192.168.1.18
deploy /usr/local/cas.war

8.部署SSO的war出现了下面的错误，附解决方法

8.1. Error 1
    "failure-description" => {"JBAS014671: 失败的服务" => {"jboss.persistenceunit.\"cas.war#CasPersistence\"" => "org.jboss.msc.service.StartException in service jboss.persistenceunit.\"cas.war#CasPersistence\": javax.persistence.PersistenceException: [PersistenceUnit: CasPersistence] Unable to build EntityManagerFactory
    Caused by: javax.persistence.PersistenceException: [PersistenceUnit: CasPersistence] Unable to build EntityManagerFactory
    Caused by: org.hibernate.HibernateException: Connection cannot be null when 'hibernate.dialect' not set"}},
    "rolled-back" => true
解决方法：修改WEB-INF\classes\META-INF\persistence.xml，在persistence-unit中增加
        <properties>
        <property name="jboss.as.jpa.managed" value="false"/>
        </properties>    
8.2. Error 2    
(ServerService Thread Pool -- 77) JBWEB000284: Exception starting filter characterEncodingFilter: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'log4jInitialization' defined in ServletContext resource [/WEB-INF/spring-configuration/log4jConfiguration.xml]: Invocation of init method failed; nested exception is java.io.FileNotFoundException: class path resource [log4j.xml] cannot be resolved to absolute file path because it does not reside in the file system: vfs:/W:/Java/jboss-eap-6.1/bin/content/cas.war/WEB-INF/classes/log4j.xml
解决方法：把WEB-INF\spring-configuration\log4jConfiguration.xml中的下面内容注释掉
<!-- Breaks on JBoss
     <bean id="log4jInitialization" class="org.springframework.beans.factory.config.MethodInvokingFactoryBean">
         <property name="targetClass" value="org.springframework.util.Log4jConfigurer"/>
         <property name="targetMethod" value="initLogging"/>
         <property name="arguments">
             <list>
                 <value>${log4j.config.location:classpath:log4j.xml}</value>
                 <value>${log4j.refresh.interval:60000}</value>
             </list>
         </property>
    </bean>
-->
8.3. Error 3
Caused by: javax.management.JMRuntimeException: Failed to load MBeanServerBuilder class org.jboss.as.jmx.PluggableMBeanServerBuilder: java.lang.ClassNotFoundException: org.jboss.as.jmx.PluggableMBeanServerBuilder
解决方法：修改META-INF/MANIFEST.MF
    Manifest-Version: 1.0
    Dependencies: org.jboss.as.jmx