Post on 03-Jul-2018
© 2009-2010 IBM CorporationDate
Presented by IBM developerWorksibm.com/developerworks/
WebSphere Application Server v7WebSphere Application Server v7
Introducing WebSphere Application Server v7
IBM WebSphere Technology Events
Catherine Ezvan
Frédérik Aouizerats
Frédéric Berzolla
2
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
Agenda Packaging and Install
• Demo – profile creation
Standards
• JEE 5 – EJB 3 - JPA
• WebServices
• Demo – WebServices Management
Administration
• Flexible Management
• Business Level Applications
• Demo – create and test cluster
Security
• Mini CA
• Fine Grained Authorization for Admin Console Access
• Security Domains
• Auditing
Messaging
Cloud
Wrap-up and Next Steps
3
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
Demos Throughout the event, you will see in-depth demonstrations of the products
in action
4
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
Agenda
Packaging and Install
• WebSphere Products Map
• Centralized Installation Manager
• Install Factory
• Demo – profile creation
Standards
Administration
Security
Messaging
Cloud
Wrap-up and Next Steps
5
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
WebSphere Product Map – Capability Classification
Ap
ps
&
Info
As
sets
Business Innovation & Optimization ServicesD
ev
elo
pm
en
tS
erv
ice
s
Interaction Services Process Services Information Services
Partner Services Business App Services Access Services
Integrated environment
for design and creation of solution
assets
Manage and secure
services, applications
& resources
Facilitates better decision-making with real-time business information
Enables collaboration between people,
processes & information
Orchestrate and automate business
processes
Manages diverse data and content in a unified
manner
Connect with trading partners
Build on a robust, scaleable, and secure services environment
Facilitates interactions with existing information and application assets
ESBFacilitates communication between services
IT S
erv
ice
Ma
na
ge
me
nt
Infrastructure ServicesOptimizes throughput, availability
and performance
WebSphere Process Server
WebSphere Portal
WebSphere Information Server
WebSphere Application Server
WebSphere Partner Gateway
WebSphereAdaptersWebSphere XD
WebSphere ESB
WebSphere Message Broker
WebSphere Service Registry
& Repository
DataPower
WebSphere Integration Developer
Rational Application Developer
Rational Software Architect
Rational®RequisitePro
WebSphere Business Modeler
WebSphere ND
WebSphere Business Monitor
6
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
Packaging
• Product install will continue to have the same look and feel as WebSphere Version 6
• SCA FEP for V7 released
Web
Sp
her
e A
pp
licat
ion
S
erve
r N
etw
ork
Dep
loym
ent
(Clu
ste
red
, m
ult
i-m
ach
ine
)
Ker
nel
(Sin
gle
Ser
ver)
Web-based Administration, Web ServicesWeb-based Administration, Web Services
Deployment Manager, Node Agent, ClusteringDeployment Manager, Node Agent, Clustering
Work Manager, Application Profiles, etc.Work Manager, Application Profiles, etc.
JDK 6JDK 6
EJB Container, MessagingEJB Container, Messaging
Web, SIP, Portlet Containers (Servlets, JSPs, XML)Web, SIP, Portlet Containers (Servlets, JSPs, XML)
High Availability Manager, Edge ComponentsHigh Availability Manager, Edge Components
Job ManagerJob Manager
Admin AgentAdmin Agent
Proxy ServerProxy Server
Plus…..
Secure Proxy Server
Application Client
Thin client libraries
IHS/plugin
Install tools
App development tools
IBM Support Assistant
ITCAM subset
7
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
Installation options
WebSphereProductBinaries
WebSphereProfile+
1 2
3
Install Image
Install
WebSphereProfile
Create profile
OR
V7 Node
V7 Node Agent
V7 Deployment
Manager
OR
OR
V7 Node Agent
V7 Node
V7 Deployment
Manager
V7Application
Server
V7Application
ServerDefault Profile
Install product binariesand option to install WebSphere Samples orLanguage Packs
Optionally create a default WebSphere ProfileA. Cell (DMGR and managed node)B. Management C. Application server D. Custom profile (managed node)E. Secure proxy
Create profiles afterinstallation
Server
A
B
C
D
8
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
Command-line installation
Installer binary location:
• <IMAGE_DIR>\WAS\install.exe
• <IMAGE_DIR>/WAS/install
Silent installation option uses a single file to specify various product install options and to create a profile
• <IMAGE_DIR>/WAS/install –options “response_file_name” –silent
• Sample file: <IMAGE_DIR>/WAS/responsefile.nd.txt
• License acceptance must be changed to “true”
Windows ®
LINUX® / UNIX ®
9
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
Prerequisite checking
The installer checks these prerequisites
• Operating system level
• Sufficient disk space
• User authority (permissions)
Users can choose to ignore warnings and continue
Silent installation will stop if the check fails
• Use -OPT disableOSPrereqChecking="true” to override
10
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
Centralized Installation Manager
Simplifying Installation & Deployment
Supports centralized installation from the Deployment Manager to Nodes in the cell
Single install to the Deployment Manager which allows Push install package from DMGR to endpoints
– Select a set of hosts and push to those endpoints
– Installs appropriate endpoint code based on type of endpoint
– Agent-less
Centralization of patch management
11
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
What Install Factory Does
Install Factory is a tool for creating automated, customized WAS install packages
Greatly simplifies the process; provides simple GUI and CLI for creating the Custom Install Package (CIP)
Eliminates variations – all Custom Install Packages are created the same way
• Much easier for IBM to support
Added in V7
• Span media
• Reduced install image size
• Secure DMZ Proxy Server handling
• Supports V7 admin capabilities
Automated, customized WAS install package
CreateUseISV etc.
12
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
CIP Creation - Input and Output
Automated, customized WAS install package
OutputInput
Deploy
One or more of…
Feature Selections
WAS binaries (from7.0 GA install image)
Maintenance packages(e.g. 7.0.1, 7.0.1.1, andinterim fixes)
Config archives (fromexisting installation)
Apps to be deployed
Scripts to be run
Additional files to be installed
IIP adds Feature Packs
Demo
OEM
Other
13
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
WAS v7 Tools Packaging
RAD for WebSphere FeaturesRAD for WebSphereProgramming Model Tools• EJB3 productivity features• Domain Modeling (visual edit)
• Java, EJB, XSD, WSDL, Data, • Web Development (visual edit)• Web 2.0
• REST Style Services, Javascript, Dojo• Web Services productivity features• Basic Code Review, Java & EJB• Portlet and Portal ToolsMiscellaneous• Extra Debuggers (XSLT, stored proc…)• XML productivity features• Code Coverage• Relational Data• Crystal Reports (tools only)• WAS n-2 support• WAS test servers v6.0, v6.1, v7.0• JCA
• CICS and IMS Adapters• WAS Adapters
• SAP, Siebel, JDE, Oracle, PeopleSoft• RTC Client• CC SCM Adapter• ReqPro• RUP
RAD Assembly and Deploy•Jython tools•J2EE 1.4 (same level as AST 6.1)•JEE5 XML-form based DD editors•JEE5 application support•WAS 7.0 support only•WAS debug extensinos•Application Deployment Support (WAS7.0)•RAC
• Comprehensive tools to improve developer productivity…targeting IBM Middleware
• Full-featured Integrated Dev Environment (IDE)
• Tutorials, demos, wizards and sample code
• Perpetual license as part of WAS
• Support for creating, building, testing and deploying J2EE 1.4 applications
• Basic support for Java EE 5 applications
• Support for building, testing and deploying Java EE 5 applications
RAD Assembly and Deploy Features
14
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
Improved PerformanceNew features empower businesses to anticipate and adjust to mission-critical issues
Spotlight: Optimized runtime performance decreases footprint, saves energy & cuts cost
V6.1 Dominates the overall benchmark category by 33%
V6.1 Technology that costs half the price of the competition running more than 75,000 transactions per second against a database.
V6.1 Commanding lead in the throughput per core and single 4-core system categories
V7 Web Services performance improvements of up to 100% over the WAS V6.1 Web Services FEP
V7 EJB3 performance improvements of over 30%
V7 64-bit memory footprint reduced by 33% and overall performance improved by 10%. 64-bit memory and performance now equivalent to 32-bit!
WebSphere Application Server Performance Landscape
15
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
DeploymentDeploymentManagerManager
Machine 1Machine 1
NodeNodeAgent 1Agent 1
Machine 2Machine 2
NodeNodeAgent 2Agent 2
Clone1Clone1 Clone2Clone2Cluster 1Cluster 1
Dmgr01 profile
AppSrv02 profile
Custom02 profile
PluginPlugin
IHSIHS
DEMO Profile creation using the Profile Management Tool(PMT)
16
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
Agenda Packaging and Install
Standards
• JEE 5
• EJB 3
• JPA
• WebServices
• Demo – WebServices
Administration
Security
Messaging
Cloud
Wrap-up and Next Steps
17
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
Java EE version 5
Improved developer experience
• EJBs are developed as Plain Old Java Objects (POJOs), very simple to develop and unit test
• Follows the concept of progressive disclosure
• Exploits the annotation support added in Java SE V5, to reduce the number of artifacts required to build business applications
• New Persistence API that allows simpler entities to be created using annotated POJO model
Integration with the latest Web Services Standards
Enhanced support for Web Applications
Just-In-Time Deploy feature for EJB 3.0 components (no EJBDeploy step required)
Automatic default bindings and reference resolution for EJBs
New XML-based binding file format
• bindings may be defined and edited independently of WebSphere-specific tooling
18
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
Java SE Version 6
Developer Productivity
• Java Compiler API – the ability to invoke the compiler from with the JVM
• Java Scripting support – gives scripts the ability to access APIs in the JVM
Upgrades to existing components
• JMX – MBean event generation at thresholds
• Java Web Start – JNLP spec upgrade
Added components
• Web Services
– JAX-WS
– JAXB
– StAX
• JDBC 4.0
19
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
EJB 1.x / 2.x Session Beanpubl i c cl ass Account Tr ansf er Cont r ol l er I mpl
i mpl ement s Account Tr ansf er Cont r ol l er ,
j avax. ej b. Sessi onBean
{
publ i c voi d t r ansf er Bet ween
( i nt f r om_account , i nt t o_account , f l oat amount )
t hr ows Account Tr ansf er Except i on
{
Cont ext ct x = new I ni t i al Cont ext ( ) ;
/ / get a r ef t o a “Debi t Cont r ol l er ”
debi t C =
( ( Debi t Cont r ol l er Home)
ct x. l ookup( “j ava: comp/ env/ Debi t Ct l r ”) )
. cr eat e( ) ;
/ / get a r ef t o a “Cr edi t Cont r ol l er ”
cr edi t C =
( ( Cr edi t Cont r ol l er Home)
ct x. l ookup( “j ava: comp/ env/ Cr edi t Ct l r ”) )
. cr eat e( ) ;
( st ar t a t r ansact i on)
debi t C. act i on( f r om_account , amount ) ;
cr edi t C. act i on( t o_account , amount ) ;
( commi t t he t r ansact i on)
}
publ i c voi d ej bAct i vat e( ) { }
publ i c voi d ej bPassi vat e( ) { }
publ i c voi d ej bRemove( ) { }
}
publ i c i nt er f ace Account Tr ansf er Cont r ol l er
ext ends j avax. ej b. EJ BObj ect
{
publ i c voi d t r ansf er Bet ween
( i nt f r om_account , i nt t o_account , f l oat amount )
t hr ows Account Tr ansf er Except i on,
j ava. r mi . Remot eExcept i on;
}
Interface Implementation
Bad: The Interface and Implementation are no longer Pure Business (POJO)
20
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
(Partial) EJB 1.x / 2.x Deployment Descriptor<ej b- j ar >
<ent er pr i se- beans>
<sessi on>
<descr i pt i on>Account Tr ansf er Cont r ol l er EJ B</ descr i pt i on>
<di spl ay- name>Account Tr ansf er Cont r ol l er EJ B</ di spl ay- name>
<ej b- name>Account Tr ansf er Cont r ol l er </ ej b- name>
<home>com. mycompany. Account Tr ansf er Cont r ol l er Home</ home>
<r emot e>com. mycompany. Account Tr ansf er Cont r ol l er </ r emot e>
<ej b- cl ass>com. mycompany. Account Tr ansf er Cont r ol l er I mpl </ ej b- cl ass>
<sessi on- t ype>St at el ess</ sessi on- t ype>
<t r ansact i on- t ype>Cont ai ner </ t r ansact i on- t ype>
</ sessi on>
</ ent er pr i se- beans>
<assembl y- descr i pt or >
<cont ai ner - t r ansact i on>
<met hod>
<ej b- name>Account Tr ansf er Cont r ol l er </ ej b- name>
<met hod- name>*</ met hod- name>
</ met hod>
<t r ans- at t r i but e>Requi r ed</ t r ans- at t r i but e>
</ cont ai ner - t r ansact i on>
</ assembl y- descr i pt or >
</ ej b- j ar >
21
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
EJB 3.0 Session Bean @St at el ess
publ i c cl ass Account Tr ansf er Cont r ol l er I mpl
i mpl ement s Account Tr ansf er Cont r ol l er
{
/ / get a r ef t o a “Debi t Cont r ol l er ”
@EJ B Debi t Cont r ol l er debi t C;
/ / get a r ef t o a “Cr edi t Cont r ol l er ”
@EJ B Cr edi t Cont r ol l er cr edi t C;
publ i c voi d t r ansf er Bet ween
( i nt f r om_account , i nt t o_account , f l oat amount )
t hr ows Account Tr ansf er Except i on
{
debi t C. act i on( f r om_account , amount ) ;
cr edi t C. act i on( t o_account , amount ) ;
}
}
publ i c i nt er f ace Account Tr ansf er Cont r ol l er
{
publ i c voi d t r ansf er Bet ween
( i nt f r om_account , i nt t o_account , f l oat amount )
t hr ows Account Tr ansf er Except i on;
}
Interface
Good: This remains a Pure Business Interface and Implementation
A Plain Old Java Object (POJO)
Can be unit tested outside of the container!
22
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
EJB 3.0 Deployment Descriptor
XML Deployment Descriptor:
Is optional
Configuration by Exception
Can be used as alternative to annotations, or combined with them
Not required
23
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
Put Away that EJBDeploy Tool!
New: Just-In-Time Deployment for EJB 3.0 Modules
WriteEJB
EJBModule
EJBDeployTool
UpdatedEJB
Module
Load IntoServerand Test
Good?
DoneDebug
and Update
No Yes
BONUS: It’s Actually Faster at Runtime Than Before!
Benefits To You: Quicker update-compile-test cycle, Improved developer productivity, Less hassle
Old: Process all your EJBs through the EJBDeploy tool before use
24
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
No More Assigning Bindings! (Unless you want to)
New: Default Binding Names for EJB 3.0 Interfaces
Assign JNDI
Name to Each EJB
Home
(Not that you’ll necessarily need to actually look them up….)
Resolve Each EJB
Reference to Target EJB JNDI Name
Install EJB Application
Ready to Run
Old: Manually Resolve Each EJB Ref to its Target EJB JNDI Name
New: AutoLink Feature Automatically Locates the “Right” Target EJB
Benefits To You:Less manual effort, Quicker development cycle, Improved productivity
Old: Assign JNDI Names For Every EJB Home During Install
25
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
Freedom To Use Your Own Build Process!
<sessi on name=“BASer vi ceBean“ si mpl e- bi ndi ng- name=“ser vi ces/ BASer vi ce” / >
Use RAD, AST, or System
Management App Install
Machine-Readable, Verbose, Binding Definition
Files (.xmi)
Use Anything
You Want!
Human Readable/Writable, Sparse, Binding Definition
Files (.xml)
Old
New
Example – to override a default EJB interface binding:
Benefits To You:Build “ready to run” apps without human intervention, Full control over your process
New: Documented, XML-based sparse binding file format
Old: Human intervention required during app builds
Assign Binding and Target Resolution Overrides
26
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
Data Persistence Evolution
Plain JDBC
• Usually requires custom coding and leads to home grown frameworks.
EJB 2.x CMP Entity Beans
• CMP is perceived as failure in the market place.
– Bad press (serverside.com)
– Mapping done completely different from vendor to vendor, defeats portability gain.
• Programming model is heavy weight.
– Too many interfaces.
– Objects always connected, requires extra Data Transfer Object Layer in almost every case.
JPA (Java Persistence API)
• EJB 3 Specification selected in favor of JPA (over CMP model)
– JPA moves toward patterns from TopLink, Hibernate, and JDO
27
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
Java Persistence API (JPA)
Standard persistence technology for Java Enterprise Edition 5• A form of O/R mapping (called container managed persistence in Java EE 1.3/4)
• Designed for highly distributed applications
• Lifecycle manageable by application server to increase quality of service
EJB specification made very significant changes:• Standardizes O/R mapping metadata (not the case for EJB 2.x)
• Java SE 5.0 Annotations can be used instead of XML deployment descriptor
• No deploy code implementing abstract classes— Entities are POJOs
• Application Server is not required
– The Java Persistence API is available outside of Containers
– Unit testing greatly simplified
• Removal of checked exceptions (for instance, remote exceptions)
• No bean (or business) interface required
28
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
JPA Persistence Feature Support
Types –Entities
• Entities are Plain Old Java Objects (POJOs) with Annotations…
• Or, they can be supported by mapping files
@Entity@Table(name="CUSTOMER")public class Customer implements Serializable {
Java File: Customer.javapublic class Customer implements Serializable {…}
Mapping file: customer.xml<entity class=“Customer" > <table name=“CUSTOMER" />
…</entity>
29
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
The next level of the Portlet Programming model
• Portlets will now be able to send and receive events in order to perform changes to the portlet state triggered by events
• Portlets will now be able to share session attributes with servlets and jsps located within the same web application
• Portlets will now be able to share render parameters with other portlets
• Portlets will now be able to serve resources in the context of the portal
Portlet
Container
EventBroker
PortletC
ont aine
rInvok er AP
I/SP
I
Portle
t AP
I
Portlet
action
sendEvent
event (Option 1)
event (Option 2)
receiveEvent
JSR 286 – Portlet Specification 2.0
30
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
Web Services Specification Upgrades
WS-I
• Basic Profile 1.2, 2.0, Reliable Secure Profile 1.0
OASIS
• WS-ReliableExchange (WS-ReliableMessaging), WS-SecureExchange (WS-Trust/WS-SecureConversation, WS-SecurityPolicy), WS-Transaction (WS-AtomicTransaction, WS-BusinessActivity), Kerberos Token Profile, WS-DistributedManagement (WSDM)
W3C
• SOAP 1.2, MTOM, XOP, WS-Security 1.1, WS-Addressing Metadata, WS-Policy
Others
• WS-MetadataExchange
31
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
Profiles for Prioritization
WS-I Basic Profile 1.1
WS-I Attachment Profile
WS-I Simple SOAP Profile
WS-I Basic Security Profile 1.0 WS-Security 1.0 UsernameToken Profile
WS-I Reliable Secure Profile(RAMP Profile)
WS-ReliableMessaging
WS-SecureConversation
WS-Trust
Kerberos SAMLWS-I Basic Security Profile 1.1 WS-Security 1.1
WS-I Basic Profile 1.2
WS-I Basic Profile 2.0
MTOM
WS-Addr
SOAP 1.2
X.509 Token Profile
LTPA Token
32
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
Web Services: Qualities of Service and Policy Sets
QoS Definitions:
• Policy Type - A single cohesive type of QoS, defined by an XML Schema.
– WS-Security, WS-Addressing, WS-ReliableMessaging, HTTPS, WS-Transaction
• Policy - A named, configured Policy Type, described by an XML instance.
• Policy Set - A named collection of Policies, pre-canned or user-defined.
– LTPA WSSecurity default, Kerberos V5 HTTPS default, SSL WSTransaction, Username SecureConversation, Username WSSecurity default, WS-Addressing default, WSHTTPS default, WS-ReliableMessaging persistent
Services:
• Policy Sets are managed via the WAS Admin Console.
• Policy Sets are attached to service components by the container.
Clients:
• Policy Sets are managed via the Eclipse platform.
• Policy Sets are attached to service components via an “attachments” file.
• Ability to import and export Policy Sets between Eclipse and WAS is key.
33
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
Web Services : Qualities of Service and Policy
34
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
Administration improvements ease Web services management
35
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
WAS Service Sharing Web service Configuration in Interoperable Format
Websphere Application Server
Share Policy Set configuration
(administratively or via RAD tools)
Web ServiceWSDL document
containing configuration in ws-
policy format
HTTP GET
or
WS-MetadataExchange GetMetadata request
36
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
DEMO Managing WebServices with WebSphere Application Server v7
37
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
Agenda Packaging and Install
Standards
Administration
• Flexible Management
• Demo - Admin Console Overview - Create a cluster
• Business Level Applications
• Demo – App Intallation – Cluster failover
• Script Library
• Properties File Based Configuration
Security
Messaging
Cloud
Wrap-up and Next Steps
38
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
Flexible Management
Reduce Overhead of Administration – Admin Agent
• Reduce App Server footprint related to admin functions
• Consolidate IBM Management Agents
Drastically increase Scale for Administration – Job Manager
• Remote Administration option
• Flexible Management is “loosely coupled” management
• Asynchronous, non-blocking admin jobs queued for agent execution on the nodes
• Nodes are autonomous
Flexible Management is an option
• Backwards compatibility requirements
39
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
New Flexible Management Option
WebSphere Application Server7.0 Base Product Architecture
Admin agent registered as asystem service.
Separate console server to offload pure Application Server.
Local control of node does not change after registration.
Federation is much quicker and less involved.
Better management of web servers and other non-Application Server elements.
Admin agent included in Base product
Serverconfiguration
Node A
Admin scripts
Node Aconfiguration
Cell config
Admin console
AdminAgent
AppServer
Admin logic hosted in separate JVMfrom application server
Admin agent can manage multiple local nodes
40
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
WebSphere Flexible Job Manager
Application Server• Programming Model• QoS • Security• Cluster capable
ServerServer
ServerServer
ServerServer
Manager
Systems Manager• Control multiple servers• Remote management• Choice of loose or tight coupling
ServerServerServer
Network Deployment
Cell
Server
Server
Server
Job Manager• Control Multiple Base Servers• Remote Management• Highly Scalable
41
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
Current Base WebSphere Topology
All Administrative Logic hosted on app server
• Admin Console runs in app server
• Scripts run against app server (can not start/stop app server dynamically)
Application server process has administrative overhead
Can not manage multiple servers in a base profile
Node A
Admin scripts
Serverconfiguration
Nodeconfiguration
Cell config
Admin console
Cell A
AppServer
Supported in V7
42
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
Administrative Agent Topology
Separate administration from application request processing
• Application server no longer central point of management
• Reduce server footprint
Transparency for base vs. ND configuration
Can manage multiple servers in a base profile
AdminNode
Admin scripts
Serverconfiguration
Nodeconfiguration
Cell config
Admin console
AppServer
AppServer
AppServer
Cell A
AdminCell
Node A
AdminAgent
43
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
Administrative Agent Topology (2)
Admin Agent can manage multiple base profiles
• All profiles created from same WebSphere installation
• Unique admin ports in admin agent for each managed profile
• Administrative console provides choice of profiles to be managed
AdminNode
Admin scripts
Admin console
AdminCell
AdminAgent
AppServer
AppServer
AppServer
Instance A
Node A
AppServer
AppServer
AppServer
Instance B
Node B
44
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
Flexible Management (Server Farm Scenario)
Loosely coupled Job Manager
• Local node “Autonomy” unlike ND topology
• Loose federation – Not “slave” to Deployment Manager
Develop/Unit Test/QA scenarios
AdminNode
AdminCell
JobManager Admin
AgentBaseNode
BaseNode
BaseNode
45
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
Flexible Management (Branch Scenario)
JobManager
Dmgr
Dmgr
Dmgr
Dmgr
AdminAgent
Dmgr
AdminAgent
JobManager
Supports high latency remote branch servers
• Asynchronous job execution – uses DMS technology for job delivery
46
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
Flexible Management Administration Model
Job Manager
• Coordinates management operations across a group of endpoints, e.g. one job to install application across a number of nodes
• Can manage base servers (via admin agent) or ND deployment manager
• Can send email notification upon completion
Flexible Management Job
• Provides high level management functions like create/start/stop servers, install applications etc.
• wsadmin job
• Asynchronous, may recur, has activation/expiration times
47
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
Node Management Interface
48
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
Node Group Management Interface
49
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
Job Management Interface
50
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
Business Level Applications (BLA)
New Administration model that captures enterprise level application definition
• Application=EAR notion deemed inadequate
• Applications are composed of multiple packages
• Applications additionally contain libraries, non-Java EE artifacts
• Applications may include artifacts that run on heterogeneous runtimes (WebSphere and non-WebSphere)
• Application definition may be recursive: may include other applications
A grouping notion to manage Java EE and other artifacts under single application definition
51
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
WebSphere Business Level Applications
Expanding the notion of “Application” beyond J2EE
New formats for deployable packages
• for example: SCA, Shared Lib, Proxy Filters, Static Content, SIP archives, BPEL, …
Extensible deployment logic framework
• Registered Content Handlers for each type of deployable format
Supports more than Application Server deployment target runtimes
• for example: Proxy Server, Web Server, CE, etc.
Full lifecycle management of applications
• Install, distribute, activate, monitor, update, remove
BLA1
EJB Module Web
Module
BLA3
CICS Transaction
DB2 Database
Portlet Module
JAX-WS Web Service
Module
BLA2
WAR
J2EE Enterprise
App
JAREAR
Axis2 PAR
Business Logic
Configuration
Composition
52
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
Business Level Applications
Control operations driven recursively on the composition
BLA1
Java EE App2
BLA2
Java EE App3
Shared Lib1
Shared Lib2
Java EE App1 Proxy
Filters
Start
53
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
DEMO Create a multi-node cluster
Install an Enterprise Application (defaultApp)
test the cluster failover
DeploymentDeploymentManagerManager
Machine 1Machine 1
NodeNodeAgent 1Agent 1
Machine 2Machine 2
NodeNodeAgent 2Agent 2
Clone1Clone1 Clone2Clone2
Cluster 1Cluster 1
Dmgr01 profile
AppSrv02 profile
Custom02 profile
PluginPlugin
IHSIHS
54
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
Script Library
All script writers need samples / best practices
V7 delivers a set of wsadmin scripts for common administrative functions like -
• Management of Java EE applications and BLAs
• Server/Cluster management functions
• Resource management functions (DataSource, J2C artifacts etc.)
• Security Configuration
Use samples directly, edit/combine into your own custom scripts, use for learning
• located in $WAS_HOME/scriptLibraries directory
V6.1 scripts also included!
55
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
Properties File Based Configuration
Uses simple properties file to get/set configuration attributes or create/delete certain configuration artifacts
• wsadmin scripts deemed too complex for simple get/set operations
• Properties file can be easily modified manually or using a tool
• Properties file can be used to “diff” two configurations
• Properties can be copied from one environment to another
Administrative Commands to extract/apply properties
• Properties can be extracted from / applied to cell, node, server, cluster, application scope
• Properties can be validated without applying
• Property values can contain variables
56
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
Properties File Based Configuration (2)
Sample properties for JDBC Provider
• Contains resource identifier and property/value pairs
## SubSection 1.0 # JDBCProvider attributes#ResourceType=JDBCProviderImplementingResourceType=JDBCProviderResourceId=cells/myCell|resources.xml#builtin_jdbcprovider###Properties#classpath={${DERBY_JDBC_DRIVER_PATH}/derby.jar,/my.jar}implementationClassName=org.apache.derby.jdbc.EmbeddedXADataSourcename=Derby JDBC Provider (XA)nativepath={}description=Built-in Derby JDBC Provider (XA)providerType=Derby JDBC Provider (XA)xa=true #boolean
57
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
Properties File Based Configuration Utility
Properties File
Processing Utility
Processing Command Options:
Properties File(s)
Property_name = “foo”
Scope = Server
Name = “server1”
MaximumHeapSize= 1024
ORB_LISTENER_ADDRESS_PORT = 9001
# ---------------------------
# comment line
# ---------------------------
extract
apply
delete
WebSphere
Configuration Repository
58
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
Mixed Cell Support
V7 ND cell supports nodes running at V5.1, V6.0.2 or V6.1 level
• Deployment Manager must be at V7
V6x node can be added to a V7 cell
Configuration validation to ensure correct application targeting and resource configuration
Cell 7.0
The cell can operate in this mode for indeterminate amount of time
Node 6.x
Node 7.0
Server 3
Server 4
Server 5
Server 6 EE 5Capabilities
Node 5.1
Server 1
Server 2
59
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
Dynamic Runtime Provisioning
Starting V6.1 application Server runtime componentized into a set of OSGi bundles
V7 offers a mode for dynamic provisioning of application server
• Server Runtime further broken down into container specific runtime bundles and bundle groups
• Application installation time dependency check to create an Application Activation Plan
• Server level flag to start runtime components as needed
– Turned off by default
60
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
Runtime Provisioning
Dynamic start of app server components based on application needs
Reduces the runtime footprint – less memory required
Can significantly reduce startup times
HA ManagerSecurity
SIP ContainerWeb ServicesEJB ContainerWeb Container
V6.1 Server
Infrastructure…HA Manager
SecuritySIP ContainerWeb ServicesEJB ContainerWeb Container
V7 Server
Infrastructure…
Dynamically
Activated!!
All
Activated
61
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
How to activate runtime provisioning
In the administrative console
• Application servers > serverName page > Start components as needed
62
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
AgendaPackaging and Install
Standards
Administration
Security
• Mini CA
• Fine Grained Authorization for Admin Console Access
• Security Domains
• Auditing
Messaging
Cloud
Wrap-up and Next Steps
63
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
“mini CA”
By default a single trusted signer now signs all certificates in a WAS cell
• This is a chained certificate (essentially a mini-CA)
• Cell level signer good for 15 years by default
• Individual certificates good for 1 year by default (can be changed during profile creation)
When certificates expire, they are replaced automatically
• Since the certificates are issued by a common signer, the one common signing certificate remains good (unlike with self-signed certificates in V6.1)
Cross cell SSO will be easier to configure as well
• Only one signer to exchange, not one for each node
64
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
Profile Creation
Profile creation is designed to provide users with the opportunity to make decisions about the server's default certificates
• Only available on the profile creation advanced path
• Ability to customize the DN of the default signing certificate and default certificate
• Set the life span of the signing certificate and default certificate
• Import a certificate to be the signing certificate or default certificate, available on distributed platforms only
• Provide a password for the key stores created during profile creation
65
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
Administrative Isolation
WAS already supported multiple administrators with different permissions at the cell level
• Now we support different permissions at finer grained level of resources
• Node, node group, server, cluster, application
• Technically this was in WAS V6.1 but it was only for scripting, now the console supports fine grained permissions as well
Authorization groups control permissions at a finer level
• You can define as many authorization groups as you like and assign whatever resources to them you like (and change this mapping later)
• They contain a set of resources that share a common permission set
• They are assigned a set of users or groups that have been granted administrative roles on those resources
66
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
Create a Authorization Group
Create the group and assign it to resources
Then add groups or users
Here I’m configuring the ‘test’authorization group to apply to server1
67
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
Grant a User/Group Permissions in Group
Select the role
Search for and select users or groups
Here I’ve granted ‘keys’the Operator permission in the ‘test’authorization group
You have to look at the test authorization group resources (previous slide) to see what that applies to
68
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
Admin Console Filtering Based on Authorization Groups
Notice that the console limits what I can do
Here I’m logged in as ‘keys’
This panel will display the actions you are authorized for
E.g., you might see New or Delete buttons as well if authorized
69
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
Security Domains
Lets you specify security configuration values at a scope of less than the entire cell
• Domains are then assigned to Cell, Clusters, application servers, and SIBus
• Domains cannot be assigned at the application level or node level
• Admin can have a separate security configuration from the Domains used by applications
Most security attributes can be optionally specified at the domain level
• Global Security domain in V7 represents the Admin Security configuration and the default configuration for Applications
• Domains used by Applications can override many of the attributesdefined in Global Security domain
• By default a domain inherits behavior from global level
• Things that can be set at domain level: registry (called a realm), system and application login modules, Web SPNEGO settings, TAIs, authentication cache settings, LTPA lifetime, CSIv2 settings, J2C authentication aliases, Java 2 security, application security
• Things that cannot be set at the domain level: authentication mechanism, web SSO settings
Every application server uses the default global domain for administrative operations
• Domains are for application code
70
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
Application And Multiple Security Domain Topology
Security Configuration
Realm
Application
AdminSubsyste
m
App Server
ApplicationApplication
Realm
Security Config
Application
AdminSubsyste
m
App Server
ApplicationApplication
Realm
Security Config
Application
AdminSubsyste
m
App Server
ApplicationApplication
Security Config
Application
AdminSubsyste
m
App Server
ApplicationApplication
Deployment
Manager
Realm
Cluster
Deployment Manager, Node Agent, and the Admin Subsystem of Application Servers are in the common administrative security domain.
Applications in a cluster sharea common application security domain.
Applications can have their own application security domain whichconsists of their own user population and their own security mechanismconfiguration.
71
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
WebSphere Auditing
Ability to capture authentication, authorization, change management, security and more.
Logged records can be analyzed to indicate
• Breaches over the security mechanisms in place
• Possible threats and attacks
• Potential weaknesses in the security configuration of the working environment
Types of auditing events
Authentication
Authorization
Principal/Credential mapping
Key management
Security policy management
Audit policy management
User registry and Identity management
Logouts
Delegation
Resource access
Signing and encryption
Admin Configuration Management
Admin Runtime Management
72
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
Admin Console –Main Audit Panel
73
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
Agenda
Packaging and Install
Standards
Administration
Security
Messaging
• Messaging improvments
• Messaging Engine Policy
Cloud
Wrap-up and Next Steps
74
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
WAS 7.0 Messaging Improvements
Messaging admin usability improvements
• Improved configuration wizards and simplified panels
• Message delivery failure handling improved
• Improved resource usage visibility
Performance
75
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
The bus
The initial design point of an SIBus was to be able to use it as a location transparent messaging system.
A messaging bus
MessagingApplication
Mes
sagin
g
Applic
ation
Messaging
Application Messaging
Application
MessagingApplication
76
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
The bus
Within that bus would be a messaging system capable of dealing with all the messaging requirements.
• E.g. high availability, scalability, connectivity.
MessagingApplication
Mes
sagin
g
Applic
ation
Messaging
Application Messaging
Application
MessagingApplication
77
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
Single server, single ME bus
Pros
• Everything in one place
– Aids performance as all messages and application connections are on the same ME
– This minimises path length
– Aids manageability as all messages and application connections are on the same ME
– This minimises configuration and runtime objects to monitor
Bus
Bus Member
App Server
ME
App
MDB
Cons
• Scalability and performance
– of applications
– of messaging
• High availability
– of applications
– of messaging
78
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
Application server cluster, single ME bus
Pros
• All messaging is still in one place
• Scalability and performance of applications
• High availability of applications
• High availability of messaging
Bus
Bus Member
App Server
ME
App MDB
App Server
App
In the event of a failure, theME and all its persistent state
can failover to another server inthe cluster.
MDB
Only MDB endpointsco-located with the MEwill process messages †
Cons
• Scalability and performance
– of messaging
– of MDBs
† V7 introduces the option to modify this behaviour.
79
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
In V7 it is possible to enable all MDB endpoints, irrespective of where the ME is running, so the extra server/cluster is no longer essential.
• Some may prefer to keep the separation to maintain a clear division of application runtime and messaging runtime.
• This is configured using the a new option on the MDB’s activation specification:
– ‘Always activate MDBs in all servers’
Application server cluster, single ME bus
Bus
Bus Member
App Server
ME
App Server
AppMDB
AppMDB
80
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
Correctly configuring a cluster bus member in V6 and 6.1 involved configuring the following discrete information:
• The SIBus bus member
• A corresponding Core Group policy and its Match Criteria may also be required for certain cluster configurations.
In V7 a configuration wizard provides a single point of configuration for cluster bus members and any associated Core Group policies.
V7 also provides policy assist that helps in the configuration of typical cluster bus member policies
Application server cluster, ME bus
81
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
Messaging Engine Policy Assistance settings
Policy assist providesautomatic configuration
of the Core Group policiesto provide the most
typical SIBus clusterconfigurations
If the configurationis non-optimal or
fails to satisfy the HArequirement suggestions
are made
The wizard generatesa graphical representation
of the selected clusterconfiguration
82
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
Cluster ME policy
High availability Scalability
Scalability with high availability
83
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
Agenda
Packaging and Install
Standards
Administration
Security
Messaging
Cloud
Wrap-up and Next Steps
84
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
Get additional resources from IBM developerWorks
Web communities
• Technology zones• Brand zones• alphaWorks• Discussion forums• Blogs • Wikis• RSS Feeds• Podcasts• Localized sites in key non-US
markets
Technical resources
• How-to information• Sample code• Roadmaps• Trial downloads• Tutorials• Technical articles• Webcasts• Demos• Academic portals• Sample projects
Support in the community
• developerWorks Live! Briefings• User Group support• Academic & University events
• #1 Rated Vendor Developer Program (IDC)
• 2nd largest developer community in industry
• 32 industry awards
85
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
Complimentary events from developerWorks
IBM Rational Software Delivery Platform webcast series:
View technical webcasts covering global software delivery. See what’s coming up in our 2009 schedule or browse the library of more than 80 recorded titles. Topics are available on demand and include:
– Accelerating Software Delivery with Integrated Change and Release Management
– Consolidated, real-time project views with IBM Rational ClearQuest
– Streamlining Your Software Delivery Processes with IBM Rational Build Forge
Register for complimentary live, worldwide events covering PPM, the IBM Rational Software Delivery Platform, SOA, Linux, WebSphere, Information Management, Integration & Infrastructure, IBM Workplace, and more!
ibm.com/developerworks/offers/techbriefings/events.html
86
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
developerWorks podcasts
• Tune in to hear the latest MP3 recordings on a variety of technical subjects by industry experts and luminaries.
• “This week on developerWorks” podcast features developerWorks content highlights for the week and interviews authors, editors, and other developerWorks contributors in an entertaining 5-8 minute podcast.
• Other podcasts include IBM Fellow Grady Booch as he discusses innovation and evolution in IT, being an IBM Fellow, and keeping an eye on the horizon.
ibm.com/developerworks/podcast
Subscribe to the RSS feeds and the new developerWorks podcasts will come to you!
87
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
Fast track your skills with On demand demos
ibm.com/developerWorks/offers/lp/demos
devx.com/OnDemandDemos
Visit developerWorks or our partner portal on DevX for easy access to:
• On demand demos featuring the latest IBM products and technology
• Real world development scenarios
• Technology-focused “how to” training demos
– Short video clips
– Beginner to advanced skill levels
• Additional product and technical resources to accompany each demo
88
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
alphaWorks emerging technologies
alphaWorks.ibm.com
89
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
User Group Communities
ibm.com/developerworks/usergroups
90
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
IBM Academic Initiative
ibm.com/university/scholars/academicinitiative
91
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
Download a PDF of this technical presentation fromwww.ibm.com/developerworks/offers/techbriefings/details/was7.html
92
ISV and Developer Relations
Introducing WebSphere Application Server v7 © 2009-2010 IBM Corporation
We appreciate your feedback in order to improve this educational event.
Please fill out the survey form.