Red Hat Summit Red Hat SummitSupportConsoleDevelopersStart a trialContact

Chapter 31. Scripting

JBoss Data Grid includes a method of storing scripts on servers, allowing remote clients to execute scripts locally with the JDK's javax.script.ScriptEngines. By default the JDK comes with Nashorn, capable of running JavaScript; however, this may be extended to run any JVM language that offers their own ScriptEngine.
Report a bug

31.1. Accessing the Script Cache
Copy link

Scripts are stored in a special, protected cache entitled ___script_cache. As this is a protected cache only loopback requests or connections with authorization enabled will be allowed to access the cache.
The following requirements must be met to connect to the ___script_cache remotely:
  • A user has been defined with the ___script_manager role.
  • The client has a secure connection to the server; this may be attained by following the instructions in Section 20.7, “Securing Interfaces”.
  • Authorization has been enabled on the cache-container.

Example 31.1. Configuring the Server for Access the Script Cache

The following example covers configuring the server to access the script cache, using the DIGEST-MD5 method of securing the Hot Rod connector.
  1. Add a user to the server as follows:
    1. Execute the $JDG_HOME/bin/add-user.sh (Linux) or $JDG_HOME\bin\add-user.bat (Windows) script.
    2. Enter b at the first prompt to create an ApplicationRealm user. 
      What type of user do you wish to add? 
 a) Management User (mgmt-users.properties) 
 b) Application User (application-users.properties)
(a): b
      Copy to Clipboard Toggle word wrap
    3. Follow the prompts to define the desired username and password for the user.
    4. When prompted for the groups enter ___script_manager for this user: 
      What groups do you want this user to belong to? (Please enter a comma separated list, or leave blank for none)[  ]: ___script_manager
      Copy to Clipboard Toggle word wrap
  2. Secure the communication between the client and server. As this example is using DIGEST-MD5 the instructions in will be followed. The following snippet demonstrates the necessary xml configuration: 
    <cache-container name="local" default-cache="default" statistics="true">
  <security>
    <authorization>
      <identity-role-mapper />
        <role name="admin" permissions="ALL" />
        <role name="reader" permissions="READ" />
        <role name="writer" permissions="WRITE" />
        <role name="supervisor" permissions="READ WRITE EXEC BULK" />
    </authorization>
  </security>
  [...]
<cache-container>
[...]
<hotrod-connector socket-binding="hotrod" cache-container="local">
  <authentication security-realm="ApplicationRealm">
    <sasl server-name="scriptserver" mechanisms="DIGEST-MD5" qop="auth" />
  </authentication>
</hotrod-connector>
    Copy to Clipboard Toggle word wrap
  3. Create the cache manager using the secured connection, as seen in the following code snippet: 
    Configuration config = new ConfigurationBuilder()
    .addServer()
        .host("localhost")
        .port(11222)
    .security()
        .authentication()
        .enable()
        .saslMechanism("DIGEST-MD5")
        .serverName("scriptserver")
        .callbackHandler(new MyCallbackHandler("user", "ApplicationRealm", "password".toCharArray()))
    .build();

cacheManager = new RemoteCacheManager(config);
    Copy to Clipboard Toggle word wrap
Report a bug
Back to top
Red Hat logoGithubredditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust. Explore our recent updates.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

Theme

© 2025 Red Hat