Merge pull request #248266 from KarlErickson/xfz11-addpasswordlessjboss-231511

JamesJBarnett · web-flow · commit 3c516b360451 · 2023-08-14T20:02:33.000-07:00
edit "Update Service Connector doc and add new one for passwordless on jboss eap #231511"
diff --git a/articles/app-service/tutorial-java-tomcat-connect-managed-identity-postgresql-database.md b/articles/app-service/tutorial-java-tomcat-connect-managed-identity-postgresql-database.md
@@ -3,15 +3,15 @@ title: 'Tutorial: Access data with managed identity in Java'
 description: Secure Azure Database for PostgreSQL connectivity with managed identity from a sample Java Tomcat app, and apply it to other Azure services.
 ms.devlang: java
 ms.topic: tutorial
-ms.date: 09/26/2022
+ms.date: 08/14/2023
 author: KarlErickson
 ms.author: karler
 ms.custom: passwordless-java, service-connector, devx-track-azurecli, devx-track-extended-java
 ---
 
 # Tutorial: Connect to a PostgreSQL Database from Java Tomcat App Service without secrets using a managed identity
 
-[Azure App Service](overview.md) provides a highly scalable, self-patching web hosting service in Azure. It also provides a [managed identity](overview-managed-identity.md) for your app, which is a turn-key solution for securing access to [Azure Database for PostgreSQL](../postgresql/index.yml) and other Azure services. Managed identities in App Service make your app more secure by eliminating secrets from your app, such as credentials in the environment variables. In this tutorial, you will learn how to:
+[Azure App Service](overview.md) provides a highly scalable, self-patching web hosting service in Azure. It also provides a [managed identity](overview-managed-identity.md) for your app, which is a turn-key solution for securing access to [Azure Database for PostgreSQL](../postgresql/index.yml) and other Azure services. Managed identities in App Service make your app more secure by eliminating secrets from your app, such as credentials in the environment variables. In this tutorial, you learn how to:
 
 > [!div class="checklist"]
 > * Create a PostgreSQL database.
@@ -39,7 +39,7 @@ cd Passwordless-Connections-for-Java-Apps/Tomcat/
 
 ## Create an Azure Database for PostgreSQL
 
-Follow these steps to create an Azure Database for Postgres in your subscription. The Spring Boot app will connect to this database and store its data when running, persisting the application state no matter where you run the application.
+Follow these steps to create an Azure Database for Postgres in your subscription. The Spring Boot app connects to this database and store its data when running, persisting the application state no matter where you run the application.
 
 1. Sign into the Azure CLI, and optionally set your subscription if you have more than one connected to your login credentials.
 
@@ -51,21 +51,21 @@ Follow these steps to create an Azure Database for Postgres in your subscription
 1. Create an Azure Resource Group, noting the resource group name.
 
    ```azurecli-interactive
-   RESOURCE_GROUP=<resource-group-name>
-   LOCATION=eastus
+   export RESOURCE_GROUP=<resource-group-name>
+   export LOCATION=eastus
 
    az group create --name $RESOURCE_GROUP --location $LOCATION
    ```
 
-1. Create an Azure Database for PostgreSQL server. The server is created with an administrator account, but it won't be used because we'll use the Azure Active Directory (Azure AD) admin account to perform administrative tasks.
+1. Create an Azure Database for PostgreSQL server. The server is created with an administrator account, but it isn't used because we're going to use the Azure Active Directory (Azure AD) admin account to perform administrative tasks.
 
    ### [Flexible Server](#tab/flexible)
 
    ```azurecli-interactive
-   POSTGRESQL_ADMIN_USER=azureuser
+   export POSTGRESQL_ADMIN_USER=azureuser
    # PostgreSQL admin access rights won't be used because Azure AD authentication is leveraged to administer the database.
-   POSTGRESQL_ADMIN_PASSWORD=<admin-password>
-   POSTGRESQL_HOST=<postgresql-host-name>
+   export POSTGRESQL_ADMIN_PASSWORD=<admin-password>
+   export POSTGRESQL_HOST=<postgresql-host-name>
 
    # Create a PostgreSQL server.
    az postgres flexible-server create \
@@ -75,16 +75,16 @@ Follow these steps to create an Azure Database for Postgres in your subscription
        --admin-user $POSTGRESQL_ADMIN_USER \
        --admin-password $POSTGRESQL_ADMIN_PASSWORD \
        --public-access 0.0.0.0 \
-       --sku-name Standard_D2s_v3 
+       --sku-name Standard_D2s_v3
    ```
 
    ### [Single Server](#tab/single)
 
    ```azurecli-interactive
-   POSTGRESQL_ADMIN_USER=azureuser
+   export POSTGRESQL_ADMIN_USER=azureuser
    # PostgreSQL admin access rights won't be used because Azure AD authentication is leveraged to administer the database.
-   POSTGRESQL_ADMIN_PASSWORD=<admin-password>
-   POSTGRESQL_HOST=<postgresql-host-name>
+   export POSTGRESQL_ADMIN_PASSWORD=<admin-password>
+   export POSTGRESQL_HOST=<postgresql-host-name>
 
    # Create a PostgreSQL server.
    az postgres server create \
@@ -93,16 +93,16 @@ Follow these steps to create an Azure Database for Postgres in your subscription
        --location $LOCATION \
        --admin-user $POSTGRESQL_ADMIN_USER \
        --admin-password $POSTGRESQL_ADMIN_PASSWORD \
-       --public-network-access 0.0.0.0 \
-       --sku-name B_Gen5_1 
+       --public-access 0.0.0.0 \
+       --sku-name B_Gen5_1
    ```
 
 1. Create a database for the application.
 
    ### [Flexible Server](#tab/flexible)
 
    ```azurecli-interactive
-   DATABASE_NAME=checklist
+   export DATABASE_NAME=checklist
 
    az postgres flexible-server db create \
        --resource-group $RESOURCE_GROUP \
@@ -113,7 +113,7 @@ Follow these steps to create an Azure Database for Postgres in your subscription
    ### [Single Server](#tab/single)
 
    ```azurecli-interactive
-   DATABASE_NAME=checklist
+   export DATABASE_NAME=checklist
 
    az postgres db create \
        --resource-group $RESOURCE_GROUP \
@@ -134,8 +134,8 @@ Follow these steps to build a WAR file and deploy to Azure App Service on Tomcat
 1. Create an Azure App Service resource on Linux using Tomcat 9.0.
 
    ```azurecli-interactive
-   APPSERVICE_PLAN=<app-service-plan>
-   APPSERVICE_NAME=<app-service-name>
+   export APPSERVICE_PLAN=<app-service-plan>
+   export APPSERVICE_NAME=<app-service-name>
    # Create an App Service plan
    az appservice plan create \
        --resource-group $RESOURCE_GROUP \
@@ -149,7 +149,7 @@ Follow these steps to build a WAR file and deploy to Azure App Service on Tomcat
        --resource-group $RESOURCE_GROUP \
        --name $APPSERVICE_NAME \
        --plan $APPSERVICE_PLAN \
-       --runtime "TOMCAT:9.0-jre8" 
+       --runtime "TOMCAT:10.0-java11"
    ```
 
 1. Deploy the WAR package to App Service.
@@ -176,7 +176,7 @@ Then, connect your app to a Postgres database with a system-assigned managed ide
 
 ### [Flexible Server](#tab/flexible)
 
-To do this, run the [az webapp connection create](/cli/azure/webapp/connection/create#az-webapp-connection-create-postgres-flexible) command.
+To make this connection, run the [az webapp connection create](/cli/azure/webapp/connection/create#az-webapp-connection-create-postgres-flexible) command.
 
 ```azurecli-interactive
 az webapp connection create postgres-flexible \
@@ -185,12 +185,13 @@ az webapp connection create postgres-flexible \
     --target-resource-group $RESOURCE_GROUP \
     --server $POSTGRESQL_HOST \
     --database $DATABASE_NAME \
-    --system-identity
+    --system-identity \
+    --client-type java
 ```
 
 ### [Single Server](#tab/single)
 
-To do this, run the [az webapp connection create](/cli/azure/webapp/connection/create#az-webapp-connection-create-postgres) command.
+To make this connection, run the [az webapp connection create](/cli/azure/webapp/connection/create#az-webapp-connection-create-postgres) command.
 
 ```azurecli-interactive
 az webapp connection create postgres \
@@ -199,21 +200,55 @@ az webapp connection create postgres \
     --target-resource-group $RESOURCE_GROUP \
     --server $POSTGRESQL_HOST \
     --database $DATABASE_NAME \
-    --system-identity
+    --system-identity \
+    --client-type java
 ```
 
 ---
-This command creates a connection between your web app and your PostgreSQL server, and manages authentication through a system-assigned managed identity.
 
-## View sample web app
+This command creates a connection between your web app and your PostgreSQL server, and manages authentication through a system-assigned managed identity.
 
-Run the following command to open the deployed web app in your browser.
+Next, update App Settings and add plugin in connection string
 
 ```azurecli-interactive
-az webapp browse \
+export AZURE_POSTGRESQL_CONNECTIONSTRING=$(\
+    az webapp config appsettings list \
+        --resource-group $RESOURCE_GROUP \
+        --name $APPSERVICE_NAME \
+    | jq -c -r '.[] \
+    | select ( .name == "AZURE_POSTGRESQL_CONNECTIONSTRING" ) \
+    | .value')
+
+az webapp config appsettings set \
     --resource-group $RESOURCE_GROUP \
-    --name MyWebapp \
-    --name $APPSERVICE_NAME
+    --name $APPSERVICE_NAME \
+    --settings 'CATALINA_OPTS=-DdbUrl="'"${AZURE_POSTGRESQL_CONNECTIONSTRING}"'&authenticationPluginClassName=com.azure.identity.extensions.jdbc.postgresql.AzurePostgresqlAuthenticationPlugin"'
+```
+
+## Test the sample web app
+
+Run the following command to test the application.
+
+```bash
+export WEBAPP_URL=$(az webapp show \
+    --resource-group $RESOURCE_GROUP \
+    --name $APPSERVICE_NAME \
+    --query defaultHostName \
+    --output tsv)
+
+# Create a list
+curl -X POST -H "Content-Type: application/json" -d '{"name": "list1","date": "2022-03-21T00:00:00","description": "Sample checklist"}' https://${WEBAPP_URL}/checklist
+
+# Create few items on the list 1
+curl -X POST -H "Content-Type: application/json" -d '{"description": "item 1"}' https://${WEBAPP_URL}/checklist/1/item
+curl -X POST -H "Content-Type: application/json" -d '{"description": "item 2"}' https://${WEBAPP_URL}/checklist/1/item
+curl -X POST -H "Content-Type: application/json" -d '{"description": "item 3"}' https://${WEBAPP_URL}/checklist/1/item
+
+# Get all lists
+curl https://${WEBAPP_URL}/checklist
+
+# Get list 1
+curl https://${WEBAPP_URL}/checklist/1
 ```
 
 [!INCLUDE [cli-samples-clean-up](../../includes/cli-samples-clean-up.md)]
diff --git a/articles/service-connector/toc.yml b/articles/service-connector/toc.yml
@@ -45,6 +45,8 @@ items:
         href: ../app-service/tutorial-dotnetcore-sqldb-app.md?bc=%2fazure%2fservice-connector%2fbreadcrumb%2ftoc.json&toc=%2fazure%2fservice-connector%2fTOC.json
       - name: Java Tomcat app to PostgreSQL
         href: ../app-service/tutorial-java-tomcat-connect-managed-identity-postgresql-database.md?bc=%2fazure%2fservice-connector%2fbreadcrumb%2ftoc.json&toc=%2fazure%2fservice-connector%2fTOC.json
+      - name: Java JBoss EAP to MySQL
+        href: tutorial-java-jboss-connect-managed-identity-mysql-database.md
       - name: Python app to PostgreSQL
         href: tutorial-django-webapp-postgres-cli.md
     - name: Azure Container Apps
@@ -137,4 +139,4 @@ items:
     - name: Python SDK
       href: /python/api/azure-mgmt-servicelinker?toc=/azure/service-connector/TOC.json&bc=/azure/service-connector/breadcrumb/toc.json
     - name: Known limitations
-      href: known-limitations.md
+      href: known-limitations.md
diff --git a/articles/service-connector/tutorial-java-jboss-connect-managed-identity-mysql-database.md b/articles/service-connector/tutorial-java-jboss-connect-managed-identity-mysql-database.md
