Home > Support > HOWTO List > JSP Hosting: JBoss

JBoss Application Server

JBoss is one of the most widely used and highly rated Java application servers.  JBoss provides services such as JMS, JNDI.  JBoss supports container managed persistence (CMS).  And it will run session beans, entity beans (EJB) and message driven beans.  If you are looking for powerful J2EE Hosting then JBoss is for you.

Running JBoss

On some distros (e.g. RHEL4, and some pre-FC6 distros) RimuHosting pre-installs the JBoss server.  If there is no /usr/local/jboss directory on your server and you want JBoss, then just run:


wget http://proj.ri.mu/installjboss.sh
bash installjboss.sh

This install script should work on most Redhat-, Ubuntu- and Debian-based distros.  You can edit the version number at the top of the script if you need a different version of JBoss than the default (which is usually a relatively recent one).

Almost all our distros have a JDK pre-installed.  If not you can install one using our installjava script (typically you can edit that file to select the JDK version you prefer (1.4, 1.5, 1.6, etc).

To start/top/restart JBoss run: /etc/init.d/jboss start/stop/restart

Check everything is running OK by going to: http://yourserverip:8080/. To access JBoss on the regular port 80 see our iptables/mod_proxy_ajp/mod_jk2 howto.

To make JBoss start on server boot up: chkconfig --level 3 jboss on

JBoss and all its files are located under /usr/local/jboss.  The logs are located in /usr/local/jboss/server/default/logs.

The base JBoss config file is located at /usr/local/jboss/bin/run.conf.  This file controls things like the user under which JBoss runs (jboss), and the Java startup options (e.g. min and max heap size).

Add your WAR (web archive) and EAR (enterprise archive files which contain EJB and WAR files) to /usr/local/jboss/server/default/deploy.

Your application.xml file will have a context-root element that lets the server know where to deploy the web application (e.g. <context-root>/</context-root> if you want to use http://yourdomain.com/index.jsp, or <context-root>/jsp</context-root> if you want to use http://yourdomain.com/jsp/index.jsp.

If you re-upload an EAR file, JBoss will detect the change and reload the application.  There will be a brief service interruption while this occurs.

If you run into problems, the first place to look is in the JBoss logs.  The latest is in /usr/local/jboss/server/default/log/server.log.  The file will be rotated each day.

JBoss Security: AKA Why Can't I see JBoss on http://myip:8080

JBoss, by default, runs a number of different services (JNDI, HSQLDB, JMS, jmx-console, you name it).  There are security issues when exposing these on your public IP.  For example, see (Securing a Default JBoss Installation).  As you can see from that article, securing JBoss involves many different configuration changes.  And with security, the more complex the setup, the less secure the setup. You might want look in /usr/local/jboss/server/default/conf/props/jmx-console-users.properties for the user/password and change those if you plan on having jmx-console enabled..

On our JBoss 4 default installs we have updated /usr/local/jboss/run.conf so that it starts up JBoss listening only on the localhost IP (127.0.0.1) so that it (i.e. JMS, JNDI, web, HSQLDB) cannot be accessed from outside your VPS.

So what use then is JBoss if it only listens on the localhost IP?

Well you can then open up access to the specific bits you want to make public.

First: You can SSH to your server using ssh -L 8081:localhost:8080 yourserverip.  This will create a tunnel from your local machine's port 8081 to your server's port 8080 (JBoss).  Then you can browse to http://localhost:8081 and the connection will be redirected to your server.

If you are using Putty as your SSH client you can go to the SSH Tunnel page and add a Source port of 8081 and a Destination of localhost:8080.

Second: once you have tested things are working correctly, you can use mod_proxy_ajp to direct web requests to JBoss.  This way the request goes to Apache (running on a public IP on port 80 on your server) and Apache then forwards the request to your JBoss instance (running on the localhost IP).

If this setup gets too frustrating, you may remove the -b 127.0.0.1 option from run.conf.  But be sure you otherwise address the security issues of running a default JBoss install on a public IP.

Miscellaneous JBoss Notes

To disable directory listings, edit /usr/local/jboss/server/default/deploy/jbossweb.sar/webdefault.xml and change the dirAllowed setting.

Things EJB objects shouldn't do:  http://java.sun.com/blueprints/guidelines/designing_enterprise_applications/ejb_tier/qanda/restrictions.html

JBoss FAQ: http://www.yorku.ca/dkha/jboss/docs/copies/jbossweb/FAQ

Resolving: "Permission denied"

If you get an error like this in your /usr/local/jboss/default/server.log file:

17:20:42,742 ERROR [MainDeployer] Could not make local copy for file:/usr/local/jboss/server/default/conf/jboss-service.xml java.io.FileNotFoundException: /usr/local/jboss/server/default/tmp/deploy/server/default/conf/jboss-service.xml/1.jboss-service.xml (Permission denied)

Then it may be because you once ran JBoss as root and the file permissions are now incorrect.

The fix: chown -R jboss:jboss /usr/local/jboss /etc/jboss.conf

And remember to always start JBoss using: /etc/init.d/jboss start

You may also want to update your jboss init script: file=jboss;wget -O - http://downloads.rimuhosting.com/javainitscript > /etc/init.d/$file ; chmod +x /etc/init.d/$file.  The new init script automatically does the chown for you each time it starts up.

Resolving: "lockfile for jboss already exists..."

Run /etc/init.d/jboss stop.

If that works, call it good.

Else, run ps axf | less. The output will be like:


21xx pts/0 S 0:00 initlog -q -c su jboss -s /bin/sh -c "sh /usr/local/jboss/b
21yy pts/0 S 0:00 \_ su jboss -s /bin/sh -c sh /usr/local/jboss/bin/run.sh -
21zz pts/0 S 0:00 \_ /usr/java/jdk/bin/java -Xms64M -Xmx128M -Dpro
21aa pts/0 S 0:03 \_ /usr/java/jdk/bin/java -Xms64M -Xmx128M -

You need to kill the java process listed after the su command, e.g. kill -9 21zz (the real process won't have letters in the process id).

You will also need to remove the lock file which the startup script creates: rm -f /var/lock/subsys/jboss

You may also wish to replace your jboss init script (see the previous section).  Since the new script also takes care of properly stopping starting JBoss - regardless of lockfiles.

JBoss Too Noisy?

JBoss logging too many DEBUG or INFO messages?

You'd think you could just change the log4j xml file in /usr/local/jboss/server/default/conf.  But this has no effect.

Rather, in /usr/local/jboss/bin/run.sh there may be a:

# Setup JBoss sepecific properties
JAVA_OPTS="$JAVA_OPTS -Dprogram.name=$PROGNAME -Dlog4j.configuration=file:./log4j.properties"

Change properties to info from debug, that forces it to use the desired log4j configuration.

If that file is not there, try:


for file in $(find /usr/local/jboss -name log4j.xml); do
replace 'value="DEBUG"' 'value="ERROR"' -- $file
replace 'value="WARN"' 'value="ERROR"' -- $file
replace 'value="INFO"' 'value="ERROR"' -- $file
replace 'value="TRACE"' 'value="ERROR"' -- $file
done

And change the priority in the 'root' /usr/local/jboss/server/default/conf/log4j.xml element to:


  <root>
      <priority value ="warn" />
      <appender-ref ref="CONSOLE"/>
      <appender-ref ref="FILE"/>
   </root>

NOTE: in more recent versions of jboss you should look for jboss-log4j.xml.