[2008-02-21 10:31:57] - [ERROR] (SolicitudPortlet.java:325) - Usted no posee suficiente autonomia

Con toda seguridad un sysadmin diría: WTF is that?

Getting binaries

First of all, we have to download JDK 1.5 or greater from here. If you prefer, you could use the default package of your favorite distribution but in my case, I usually need different versions of JDK, so, I prefer to manage the JDK by myself.

modlost:~$ ls ~/download
jdk-6-linux-i586.bin

A good question is where we will install that JDK?, well, It’s better to follow FHS and try to keep everything clean in your hard disk. It’s difficult sometimes but It’s better for maintenance. Let’s install JDK in /opt directory.

modlost:~$ mkdir -p /opt/java/sun/
modlost:~$ cp ~/download/jdk-6-linux-i586.bin /opt/java/sun
modlost:~$ cd /opt/java/sun
modlost:/opt/java/sun$ chmod 755 jdk-6-linux-i586.bin
modlost:/opt/java/sun$ ./jdk-6-linux-i586.bin

Follow the instructions and you’ll get:

modlost:/opt/java/sun$ ls -F
jdk-6-linux-i586.bin*   jdk1.6.0/
modlost:/opt/java/sun$ ln -s jdk1.6.0 jdk1.6

It’s time to download Geronimo with Tomcat from here. I prefer to use Tomcat, but Jetty is also a good web container. It’s up to you.

modlost:~$ ls ~/download
jdk-6-linux-i586.bin    geronimo-tomcat6-jee5-2.0.1-bin.tar.gz

As you may imagine, We’ll install Geronimo in /opt directory

modlost:~$ mkdir -p /opt/java/apache/
modlost:~$ cp ~/download/geronimo-tomcat6-jee5-2.0.1-bin.tar.gz /opt/java/apache
modlost:~$ cd /opt/java/apache
modlost:/opt/java/apache$ tar xzf geronimo-tomcat6-jee5-2.0.1-bin.tar.gz
modlost:/opt/java/apache$ ls -F
geronimo-tomcat6-jee5-2.0.1/   geronimo-tomcat6-jee5-2.0.1-bin.tar.gz
modlost:/opt/java/apache$ ln -s geronimo-tomcat6-jee5-2.0.1 geronimo2.0

Geronimo Configuration

Geronimo needs to find the JDK that we installed before. The easiest way to do this is creating the setenv.sh file

modlost:~$ cd /opt/java/apache/geronimo2.0
modlost:/opt/java/apache/geronimo2.0$ echo "JAVA_HOME=/opt/java/sun/jdk1.6" > bin/setenv.sh
modlost:/opt/java/apache/geronimo2.0$ echo "JAVA_OPTS=-Xms128M -Xmx256M" >> bin/setenv.sh

Well, let’s start Geronimo:

modlost:~$ /opt/java/apache/geronimo2.0/bin/startup.sh

Now, you can continue configuring Geronimo itself. Open a web browser and go to http://localhost:8080/console/, the default configuration has a default user: system with password: manager. I’ll cover this topic in another article.

Let’s go and play with Geronimo 2.0.1!!

I recommend this book for everyone who wants to know everything about security in Java applications. I like “Chapter 1: Security by Default” and “Chapter 2: Basics of Security”, they are a good introduction to security concepts.

I found in this book a better way to express what I always think about the way some sysadmins take care of security,… they only pay attention to application security!

Most security administrators focus on network and infrastructure security and tend to ignore application-specific and content-level vulnerabilities. This leads to application and content-level attacks suck as malicious code injection, cross-site scripting, XML attacks, and so on.

It shows some interesting best practices and strategies to secure java applications and also web services. If you take care of security, you must buy this book.