auth sufficient pam_krb5.so try_first_pass
auth sufficient pam_unix.so shadow nullok try_first_pass
account required pam_unix.so broken_shadow
account [default=bad success=ok user_unknown=ignore] pam_krb5.so
Specifying this seems to reslove the problem:
-Xmx512m -XX:MaxPermSize=512m
USE accounts INDEX on account_no TAG outstanding FOR balance > 0 EXPLAIN SELECT * FROM accounts WHERE balance > 0 Optimized using for condition on tag 'OUTSTANDING'
SE Linux is a feature of the Linux kernel that provides mandatory access control. This policy based access control system grants far greater control over the resources on a machine than standard Linux access controls such as permissions.
Many modern Linux distributions are shipping with SELinux enabled by default, Fedora 14 and Rhel 6 both install with it enabled.
When you run Recital Web on a SELinux enabled machine and navigate to the default.rsp page you will see something similar to the screen shot below.
If you launch the SELinux troubleshooter you will see the following problem.
SELinux is blocking the apache server from accessing the Recital server running on port 8001.
To manage you SELinux policy you must have the policycoreutils package group installed. The policycoreutils contains the policy core utilities that are required for basic operation of a SELinux system.
If you wish to use a GUI tool, you must install the policycoreutils-gui package.
At the command prompt execute the following:
As root
$ yum install policycoreutils
$ semanage port -a -t http_port_t -p tcp 8001
$ service recital restart
$ service httpd restart
We use the semanage command here to allow the http server access to port 8001. Once you have completed the steps detailed above you can go and navigate back to the default.rsp page in your borwser, where you will find the permission denied message is now replaced by the default.rsp page.
SELinux does a great job of restricting services and daemons so rather than simply disabling it, why not work with it!
When it comes to security, every little bit helps...
In this article Barry Mavin, CEO and Chief Software Architect for Recital provides details on how the Recital Database Server can be used to provide a solution for Universal Data Integration.
Overview
The Recital Database Server handles universal cross-platform data access to a wide range of data sources. The database server natively handles full remote SQL data access to Recital, Visual FoxPro, FoxPro, FoxBASE, Clipper and older dBase data. Using Bridges, it handles full remote SQL data access to C-ISAM and OpenVMS RMS. Using gateway connections, it handles full remote SQL data access to Oracle, MySQL, PostgreSQL, SQL Server, server-side ODBC, server-side JDBC and server-side OLE DB data sources. With its ability to access data using server-side ODBC, JDBC and OLE DB drivers from clients on all supported operating systems (Windows, Linux, Unix, OpenVMS), the Recital Database Server is an ideal Data Integration Solution for applications of all sizes and complexity.
Universal Data Integration Solutions
There are several ways in which data may be accessed by the Database Server.
Table 1:
Client Universal Data Access solutions for accessing local or remote data.
| Client | Solution |
|---|---|
| Recital | Use remote gateway connections |
| Visual FoxPro | Use the Universal ODBC Driver |
| Java (all platforms) | Use the Universal JDBC Driver |
| .NET Framework | Use the Universal .NET Data Provider |
| Microsoft Office | Use the Universal ODBC Driver |
| Windows Mobile | Use the Universal Compact Framework .NET Data Provider |
| PHP on Linux | Use the Universal ODBC Driver for Linux |
| Mono on Linux | Use the Universal .NET Data Provider |
| Others | If the data source you want to access is not in the list above, then you can use a remote ODBC, JDBC or OLE DB gateway. You can find examples of connection strings for most ODBC and OLE DB data sources by clicking here. |
Table 2:
Windows Server Universal Data Access solutions accessible from any remote client running on Windows, Linux, Unix or OpenVMS:
| Data Source | Solution |
|---|---|
| Recital | Native support (See table 1) |
| Visual FoxPro | Native support (See table 1) |
| FoxPro | Native support (See table 1) |
| FoxBASE | Native support (See table 1) |
| Clipper | Native support (See table 1) |
| dBase | Native support (See table 1) |
| C-ISAM | Use a bridge (See table 1) |
| Access | Use a gateway connection gateway="oledb:Provider=Microsoft.Jet.OLEDB.4.0;Data Source=\somepath\mydb.mdb;User Id=admin;Password=;" |
| Exchange | Use a gateway connection gateway="oledb:Provider=ExOLEDB.DataSource;Data Source=http://servername/publicstore" |
| Excel | Use a gateway connection gateway="oledb:Provider=Microsoft.Jet.OLEDB.4.0;Data Source=C:\MyExcel.xls;" |
| Oracle | Use a gateway connection gateway="oledb:Provider=msdaora;Data Source=TheOracleDB;User Id=xxxxx;Password=xxxxx;" |
| SQL Server | Use a gateway connection gateway="oledb:Provider=sqloledb;Data Source=Aron1;Initial Catalog=pubs;User Id=sa;Password=asdasd;" |
| MySQL | Use a gateway connection gateway="oledb:Provider=MySQLProv;Data Source=mydb;User Id=xxxxx;Password=xxxxx;" |
| IBM DB2 | Use a gateway connection gateway="oledb:Provider=DB2OLEDB;Network Transport Library=TCPIP;Network Address=XXX.XXX.XXX.XXX;Initial Catalog=MyCtlg;Package Collection=MyPkgCol;Default Schema=Schema;User ID=MyUser;Password=MyPW" |
| Sybase ASA | Use a gateway connection gateway="oledb:Provider=ASAProv;Data source=myASA" |
| Sybase ASE | Use a gateway connection gateway="oledb:Provider=Sybase.ASEOLEDBProvider;Srvr=myASEserver,5000;Catalog=myDBname;User Id=username;Password=password" |
| IBM Informix | Use a gateway connection gateway="oledb:Provider=Ifxoledbc.2;password=myPw;User ID=myUser;Data Source=dbName@serverName;Persist Security Info=true" |
| Ingres | Use a gateway connection gateway="odbc:dsn=data_source_name" |
| Firebird | Use a gateway connection gateway="odbc:dsn=data_source_name" |
| IBM AS400 iSeries | Use a gateway connection gateway="oledb:PROVIDER=IBMDA400; DATA SOURCE=MY_SYSTEM_NAME;USER ID=myUserName;PASSWORD=myPwd" |
| Interbase | Use a gateway connection gateway="oledb:provider=sibprovider;location=localhost:;data source=c:\databases\gdbs\mygdb.gdb;user id=xxxxx;password=xxxxx" |
| Others |
If the data source you want to access is not in the list above, then you can use server-side ODBC, JDBC or OLE DB. |
Table 3:
Linux and Unix Server Universal Data Access solutions accessible from any remote client running on Windows, Linux, Unix or OpenVMS:
| Data Source | Solution |
|---|---|
| Recital | Native support (See table 1) |
| Visual FoxPro | Native support (See table 1) |
| FoxPro | Native support (See table 1) |
| FoxBASE | Native support (See table 1) |
| Clipper | Native support (See table 1) |
| dBase | Native support (See table 1) |
| C-ISAM | Use a bridge (See table 1) |
| Oracle | Use a gateway connection gateway="oracle:Connection_String" |
| MySQL | Use a gateway connection gateway="mysql:Connection_String" |
| IBM DB2 | Use a gateway connection gateway="db2:Connection_String" |
| PostgreSQL | Use a gateway connection gateway="postgres:Connection_String" |
| Others |
If the data source you want to access is not in the list above, then you can use a server-side JDBC driver. |
Table 4:
OpenVMS Server Universal Data Access solutions accessible from any remote client running on Windows, Linux, Unix or OpenVMS:
| Data Source | Solution |
|---|---|
| Recital | Native support (See table 1) |
| Visual FoxPro | Native support (See table 1) |
| FoxPro | Native support (See table 1) |
| FoxBASE | Native support (See table 1) |
| Clipper | Native support (See table 1) |
| dBase | Native support (See table 1) |
| RMS | Use a bridge (See table 1) |
| Others |
If the data source you want to access is not in the list above, then you can use a server-side JDBC driver. |
Supported Data Sources
Native Data Access
The Recital Database Server has native built-in support for the following data sources:
- Recital
- Visual FoxPro
- FoxPro
- FoxBASE
- Clipper
- dBase
You can setup tables to work with using the Database Administration Tool in Recital Enterprise Studio.
Bridges
Using Bridges, you can access the following data sources as if they were standard Recital/FoxPro tables:
- CISAM
- OpenVMS RMS
You can setup bridges using the Database Administration Tool in Recital Enterprise Studio.
Gateways/Connections
Using Gateways, you can transparently access the following local or remote data sources:
- Recital
- Oracle
- ODBC (Server-side ODBC data sources)
- JDBC (Server-side JDBC data sources)
- OLEDB Use this to connect to SQL Server and other Windows OLE DB data sources)
- MySQL
- PostgreSQL
Remote Data Object functions
Recital 10 includes a complete and robust set of data source independent functions for accession MySQL, Oracle, DB2 and Postgres. This article explains how to use them.
Client Data Access drivers
Included with the Recital Database Server are three Client drivers. These Client drivers can access any data sources supported by the Recital Database Server. They are not restricted to accessing only Recital data. They can be used to access server-side ODBC, JDBC and OLE DB data sources also.
Recital Universal .NET Data Provider
Use this client driver when building .NET applications with Visual Studio .NET. A data provider in the .NET Framework serves as a bridge between an application and a data source. A data provider is used to retrieve data from a data source and to reconcile changes to that data back to the data source.
Key features of the Recital Universal .NET Data Provider:
- Fully Internet enabled
The Recital Universal .NET Data Provider works across the internet providing access to a wide range of data sources located on remote servers running Windows, Linux, Unix and OpenVMS. - SQL Server compatible
The Recital Universal .NET Data Provider is plug compatible with the .NET Framework SQL Server Data Provider. - Cross-platform Data Integration
Using the Recital Universal .NET Data Provider, you can connect to remote Windows, Linux, Unix or OpenVMS servers and access any data source supported by the Recital Database Server. - Managed code
The Recital Universal .NET Data Adaptor written in C# is 100% .NET Framework managed code. - Runs on Windows Mobile
The Recital Universal .NET Data Adaptor runs under the .NET Compact Framework on Windows Mobile.
Recital Universal JDBC Driver
The JDBC API is the industry standard for database-independent connectivity between the Java programming language and a wide range of databases. The JDBC API provides a call-level API for SQL-based database access. JDBC technology allows you to use the Java programming language to exploit "Write Once, Run Anywhere" capabilities for applications that require access to enterprise data.
Key features of the Recital Universal JDBC Driver:
- Fully Internet enabled
The Recital Universal JDBC driver works across the internet providing access to a wide range of data sources located on remote servers running Windows, Linux, Unix and OpenVMS. - JDBC 3.0 API
The Recital Universal JDBC driver supports the JDBC 3.0 API. - Pure Java Type 3 Driver
The Recital Universal JDBC driver is a 100% pure Java Type 3 driver. - Full Access to Metadata
The JDBC API provides metadata access that enables the development of sophisticated applications that need to understand the underlying facilities and capabilities of a specific database connection. - Cross-platform Data Integration
Using the Recital Universal JDBC driver, you can connect to remote Windows, Linux, Unix or OpenVMS servers and access any data source supported by the Recital Database Server. - No Installation
A pure JDBC technology-based driver does not require special installation; it is automatically downloaded as part of the applet that makes the JDBC calls. The Recital Universal JDBC Driver is 100% java.
Recital Universal ODBC Driver
Connect to remote data from Microsoft Office or other applications that support ODBC data access. The Recital Universal ODBC Driver is also available for Linux and Unix.
Key features of the Recital Universal ODBC Driver:
- Fully Internet enabled
The Recital Universal ODBC driver works across the internet providing access to a wide range of data sources located on remote servers running Windows, Linux, Unix and OpenVMS. - Works with Crystal Reports
The Recital Universal ODBC driver supports the SQL syntax generated by Crystal Reports. - Works with Microsoft Office
The Recital Universal ODBC driver works with Microsoft Office products. - Works with PHP on Linux
The Recital Universal ODBC driver is available for Linux and works with PHP.
Usually, you do not need to setup an email server under Linux. Most GUI email clients support Gmail POP3 and IMAP configurations. But, how do you send mail via the standard /usr/bin/mail user agents in a shell script? Programs such as sendmail / postfix / exim can be configured as a gmail smarthost but they are largely overkill for this use. The ssmtp program is a neat utility that does just that for you via gmail.
I am pleased to finally report that the Centos release of Redhats 5.3 has been built and is available for download from http://www.centos.org/
The highlights of this release can be found at the following URL: http://www.redhat.com
The main areas of interest in my opinion excluding critical secirty fixes are:
- Updated hardwaresupport support for the new Intel Core i7 (Nehalem) chips
- Beefed up virtualiseation support increasing CPU and Ram limits of Virtual machines.
- Inclusion of the fully open sourced OpenJDK. This makes Red Hat Enterprise Linux 5.3 the first enterprise-ready solution with a fully open source Java stack when combined with JBoss Enterprise Application Platform.
For those who already have Centos 5.2 installed you can simply receive the update via Yum.
Before you do the following, check that you do not have 3rd party repo's and the Centos-testing repo enabled.
You can display the currently enabled repo's using the following command.
$ yum repolist
Then as root at the prompt type:
$ yum update
If you have 4 GB or more RAM use the Linux kernel compiled for PAE capable machines. Your machine may not show up total 4GB ram. All you have to do is install PAE kernel package.
This package includes a version of the Linux kernel with support for up to 64GB of high memory. It requires a CPU with Physical Address Extensions (PAE).
The non-PAE kernel can only address up to 4GB of memory. Install the kernel-PAE package if your machine has more than 4GB of memory (>=4GB).
# yum install kernel-PAE
If you want to know how much memory centos is using type this in a terminal:
# cat /proc/meminfo
In this article Chris Mavin, explains and details how to use the Recital Database Server with the Open Source Servlet Container Apache Tomcat.
Overview
PHP has exploded on the Internet, but its not the only way to create web applications and dynamic websites. Using Java Servlets, JavaServer Pages and Apache Tomcat you can develop web applications in a more powerful full featured Object Oriented Language, that is easier to debug, maintain, and improve.
Tomcat Installation
There are a number of popular Java application servers such as IBM Web Sphere and BEA WebLogic but today we will be talking about the use of Apache Tomcat 5, the Open Source implementation of the Java Servlet and JavaServer Pages technologies developed at the Apache Software Foundation. The Tomcat Servlet engine is the official reference implementation for both the Servlet and JSP specifications, which are developed by Sun under the Java Community Process. What this means is that the Tomcat Server implements the Servlet and JSP specifications as well or better than most commercial application servers.
Apache Tomcat is available for free but offers many of the same features that commercially available Web application containers boast.
Tomcat 5 supports the latest Servlet and JSP specifications, Servlet 2.4, and JSP 2.0, along with features such as:
-
Tomcat can run as a standalone webserver or a Servlet/JSP engine for other Web Servers.
-
Multiple connectors - for enabling multiple protocol handlers to access the same Servlet engine.
-
JNDI - The Java Naming and Domain Interface is supported.
-
Realms - Databases of usernames and passwords that identify valid users of a web application.
-
Virtual hosts - a single server can host applications for multiple domain names. You need to edit server.xml to configure virtual hosts.
-
Valve chains.
-
JDBC - Tomcat can be configured to use any JDBC driver.
-
DBCP - Tomcat can use the Apache commons DBCP for connection pooling.
-
Servlet reloading (Tomcat monitors any changes to the classes deployed within that web server.)
-
HTTP functionality - Tomcat functions as a fully featured Web Server.
-
JMX, JSP and Struts-based administration.
Tomcat Installation
In this next two sections we will walk through the install and setup of Tomcat for use with the Recital database server.
To download Tomcat visit the Apache Tomcat web site is at http://jakarta.apache.org/tomcat.
Follow the download links to the binary for the hardware and operating system you require.
For Tomcat to function fully you need a full Java Development Kit (JDK). If you intend to simply run pre compiled JavaServer pages you can do so using just the Java Runtime Environment(JRE).
The JDK 1.5 is the preferred Java install to work with Tomcat 5, although it is possible to run Tomcat 5 with JDK 1.4 but you will have to download and install the compat archive available from the Tomcat website.
For the purpose of this article we will be downloading and using Tomcat 5 for Linux and JDK 5.0,
you can download the JDK at http://java.sun.com/javase/downloads/index.jsp.
Now we have the JDK, if the JAVA_HOME environment variable isn't set we need to set it to refer to the base JDK install directory.
Linux/Unix:
$ JAVA_HOME= /usr/lib/j2se/1.4/ $ EXPORT $JAVA_HOME
Windows NT/2000/XP:
Follow the following steps:
1. Open Control Panel.
2. Click the System icon.
3. Go to the Advanced tab.
4. Click the Environment Variables button.
5. Add the JAVA_HOME variable into the system environment variables.
The directory structure of a Tomcat installation comprises of the following:
/bin - Contains startup, shutdown and other scripts. /common - Common classes that the container and web applications can use. /conf - Contains Tomcat XML configuration files XML files. /logs - Serlvet container and application logs. /server - Classes used only by the Container. /shared - Classes shared by all web application. /webapps - Directory containing the web applications. /work - Temporary directory for files and directories.
The important files that you should know about are the following:
-
server.xml
The Tomcat Server main configuration file is the [tomcat install path]\conf\server.xml file. This file is mostly setup correctly for general use. It is within this file where you specify the port you wish to be running the server on. Later in this article I show you how to change the default port used from 8080 to port 80.
-
web.xml
The web.xml file provides the configuration for your web applications. There are two locations where the web.xml file is used,
web-inf\web.xml provides individual web application configurations and [tomcat install path]conf\web.xml contains the server wide configuration.
Setting up Tomcat for use
We'll start by changing the port that Tomcat will be listening on to 80.
To do this we need to edit [tomcat install path]/conf/server.xml and change the port attribute of the connector element from 8080 to 80.
After you have made the alteration the entry should read as:
<!-- Define a non-SSL HTTP/1.1 Connector on port 8080 --> <Connector port="80" maxHttpHeaderSize="8192"
Next we want to turn on Servlet reloading, this will cause the web application to be recompiled each time it is accessed, allowing us to make changes to the files without having to worry about if the page is being recompiled or not.
To enable this you need to edit [tomcat install path]/conf/context.xml and change <Context> element to <Context reloadable="true">.
After you have made the alteration the entry should read as:
<Context reloadable="true"> <WatchedResource>WEB-INF/web.xml</WatchedResource> </Context>
Next we want to enable the invoker Servlet.
The "invoker" Servlet executes anonymous Servlet classes that have not been defined in a web.xml file. Traditionally, this Servlet is mapped to the URL pattern "/servlet/*", but you can map it to other patterns as well. The extra path info portion of such a request must be the fully qualified class name of a Java class that implements Servlet, or the Servlet name of an existing Servlet definition.
To enable the invoker Servlet you need to edit the to [tomcat install path]/conf/web.xml and uncomment the Servlet and Servlet-mapping elements that map the invoker /servlet/*.
After you have made the alteration the entry should read as:
<servlet> <servlet-name>invoker</servlet-name> <servlet-class>org.apache.catalina.servlets.InvokerServlet</servlet-class> <init-param> <param-name>debug</param-name> <param-value>0</param-value> </init-param> <load-on-startup>2</load-on-startup> </servlet> <servlet-mapping> <servlet-name>invoker</servlet-name> <url-pattern>/servlet/*</url-pattern> </servlet-mapping>
If you are you not interested in setting up your own install of Tomcat there are prebuilt versions Tomcat that has all of the above changes already made, and has the test HTML, JSP, and Servlet files already bundled. Just unzip the file, set your JAVA_HOME
Next we will give Tomcat and your web applications access to the Recital JDBC driver.
For the purposes of this article we are going to install the Recital JDBC driver in the /[tomcat install path]/common/lib/ this gives Tomcat and your web applications access to the Recital JDBC driver. The driver can be installed in a number of places in the Tomcat tree, giving access to the driver to specific application or just to the web application and not the container. For more information refer to the Tomcat documentation.
Copy the recitalJDBC.jar which is located at /[recital install path]/drivers/recitalJDBC.jar to the /[tomcat install path]/common/lib/ directory.
Linux:
$cp /[recital install path]/drivers/recitalJDBC.jar /[tomcat install path]/common/lib/
Once you have completed all the steps detailed above, fire up the server using the script used by your platform's Tomcat installation.
Linux/Unix:
[tomcat install path]/bin/startup.sh
Windows:
[tomcat install path]/bin/startup
If you are having problems configuring your Tomcat Installation or would like more detail visit the online documentation a the Apache Tomcat site.
Example and Links
Now we have setup our Tomcat installation, lets get down to it with a JSP example which uses the Recital JDBC driver to access the demonstration database (southwind) shipped with the Recital Database Server.
The example provided below is a basic JDBC web application, where the user simply selects a supplier from the listbox and requests the products supplied by that supplier.
To run the example download and extract the tar archive or simple save each of the two jsp pages individually into /[tomcat install path]/webapps/ROOT/ on your server.
By enabling the invoker Servlet earlier we have removed the need to set the example up as a web application in the Tomcat configuration files.
You can now access the example web application at http://[Server Name]/supplier.jsp if the page doesn't display, check you have followed all the Tomcat installation steps detailed earlier in this article and then make sure both Tomcat and a licensed Recital UAS are running.
Downloads:
Archive: jspExample.tar
Right click and save as individual files and rename as .jsp files:
supplier.txt details.txt
Further Reading on JSP and JDBC can be found at http://www-128.ibm.com/developerworks/java/library/j-webdata/
Final Thoughts
Recital and Apache tomcat are a powerful combination, using Java Servlet technology you can separate application logic and the presentation extremely well. Tomcat, JSP, Java Servlets and the Recital database server form a robust platform independent, easily maintained and administered solution with which to unlock the power of your Recital, Foxpro, Foxbase, Clipper, RMS and C-SAM data.