I am using JBoss 7 AS. I am deploying the projects via the linux box by the cmd like so
bin/standalone.sh -b [ipaddress]
This works fine only when i am on the network, however it doesn't work when i'm outside the network or over the internet.
How do i launch it so people can access it over the internet?
I tried this but it doesnt work.
bin/standalone.sh -b 0.0.0.0
It says:
Google Chrome could not load the webpage because took too long to respond. The website may be down, or you may be experiencing issues with your Internet connection.
Your first step is to understand and configure your interface and port bindings. Before we get to that, it should be clarified that the -b runtime switch has been active since JBoss AS7.0.2, but wasn't present in previous releases of AS 7. Refer to the following link for more information via the JBoss Application Server 7 community forums.
https://community.jboss.org/thread/168789
For your question, you will need to consider both the interface and the port attribute of the socket binding group. Assuming that you're using the standalone instance, you can find the socket binding groups declared in the standalone.xml configuration file as follows.
Socket Groups and Port Bindings
<socket-binding-group name="standard-sockets" default-interface="public" port-offset="${jboss.socket.binding.port-offset:0}">
<socket-binding name="management-native" interface="management" port="${jboss.management.native.port:9999}"/>
<socket-binding name="management-http" interface="management" port="${jboss.management.http.port:9990}"/>
<socket-binding name="management-https" interface="management" port="${jboss.management.https.port:9443}"/>
<socket-binding name="ajp" port="8009"/>
<socket-binding name="http" port="8080"/>
<socket-binding name="https" port="8443"/>
<socket-binding name="osgi-http" interface="management" port="8090"/>
<socket-binding name="remoting" port="4447"/>
<socket-binding name="txn-recovery-environment" port="4712"/>
<socket-binding name="txn-status-manager" port="4713"/>
<outbound-socket-binding name="mail-smtp">
<remote-destination host="localhost" port="25"/>
</outbound-socket-binding>
</socket-binding-group>
You can see that the http connector is bound to port 8080, and you can also see that the management API port bindings are bound to java tokens. These are values that you can override (hence the "${thing:value}" syntax), but you lose the power to override them if you hardcode them. This is relevant because the default interface is a java token, allowing you to use the -b switch to override it.
Interfaces
Here's the default public interface in the standalone.xml file. The word "public" is just a relative handle. You can "call" it anything that you want, just as long as it means something to you and you can associate server groups and socket bindings to it later. This is a great feature of AS 7, allowing you to declare a set of attributes in one element, and inherit their attributes elsewhere by referencing that element name.
The following example allows you to reference the public interface elsewhere without needing to know what the actual Inet Address value is.
<interfaces>
<interface name="public">
<inet-address value="${jboss.bind.address:127.0.0.1}"/>
</interface>
</interfaces>
Getting Gooey
You can change these values either via the Management CLI or the Management Console (keeping with the workflow guidance that it's better to use the Management APIs and leave the XML alone). Like most GUIs, Management Console is the easiest to jump into first. Here's the socket binding screen. Notice that there's only really one "socket binding group" in the standalone instance, in this case the standard-sockets group.
You can edit the http binding if you need, but you should also think about the interface that you are using to connect to the internet. I'm going to assume that you have set up your webserver to suit your needs (which is probably more a question for apache than JBoss). Here's the console view for interface settings.
This shows the public interface that the standard-sockets binding group is relating itself to in the config file. Advanced configurations can use the Advanced section to create ordered conditions for partitioning traffic. You can even enable the <any-address/> element that is described in the first link I posted above.
From these two screens, you should be able to configure the required interface and port bindings to expose your application to the internet.
The binding -b 0.0.0.0 does not work in JBoss AS7. Instead you have to configure the interfaces in standalone/configuration/standalone.xml.
<interfaces>
<interface name="management">
<inet-address value="${jboss.bind.address.management:127.0.0.1}"/>
</interface>
<interface name="public">
<inet-address value="${jboss.bind.address:<your-public-ip>}"/>
</interface>
</interfaces>
As I cannot comment to drri's answer, I'm adding a note as an answer.
When you configure more port bindings, you have also to add a connector to it inside
<subsystem xmlns="urn:jboss:domain:web:1.1" default-virtual-server="default-host" native="false">
in following way:
when you add binding named some-binding on port 10000, you specify it like:
<socket-binding name="some-binding" port="10000"/>
and then you add a connector accordingly:
<connector name="some-binding" protocol="HTTP/1.1" scheme="http" socket-binding="some-binding"/>
Related
I have single machine with single IP address(192.168.1.3) . I copied domain directory as host1.
Changed domain.xml , host.xml to differentiate between domain controller and host controller . Now i have to run both domain controller and host controller in the single machine on single ip address , how can i make this configuration ? Could you suggest what other changes i have to make ?
Download EAP installer. Extract it. Make two copies of domain directories node1 and node2. Then execute these commands:
cd $JBOSS_HOME
cp -r ./domain ./node1
cp -r ./domain ./node2
To start this domain instances, you just have to change native port and management port in host.xml.
<management-interfaces>
<native-interface security-realm="ManagementRealm">
<socket interface="management" port="${jboss.management.native.port:10999}"/>
</native-interface>
<http-interface security-realm="ManagementRealm" http-upgrade-enabled="true">
<socket interface="management" port="${jboss.management.http.port:10990}"/>
</http-interface>
</management-interfaces>
or you can mention them at runtime like:
./bin/domain.sh -Djboss.domain.base.dir=./node1/ -Djboss.bind.address=192.168.1.3 -Djboss.bind.address.management=192.168.1.3 <REST_OF_PARAMATERS>
./bin/domain.sh -Djboss.domain.base.dir=./node2/ -Djboss.bind.address=192.168.1.3 -Djboss.bind.address.management=192.168.1.3 -Djboss.management.native.port=10999 -Djboss.management.http.port=10990 <REST_OF_PARAMATERS>
Also you need to make sure that the servers defined in host.xml must have different port offsets for 'node1 domain' and 'node2 domain'.
Otherwise you would get an
java.net.BindException: Address already in use
error.
I am in the process of setting up two Tomcat instances on the same server with an Apache mod_jk load balancer in front of it. I have been using a guide and the Apache Tomcat documentation and stuck to the basic setup suggested. When i try to start up any of the Tomcat instances, i get a BindException from when it tries to start up the SimpleTcpCluster. The error message is "Cannot assign requested address".
I googled for solutions to this issue and came across two suggestions, the first one being to ensure that Java is configured to prefer IPv4 addresses. Tried it - no change. The second suggested to replace the auto value on the address parameter on the Receiver component inside the cluster config (see config below).
<Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster" channelSendOptions="8">
<Manager className="org.apache.catalina.ha.session.DeltaManager"
expireSessionsOnShutdown="false"
notifyListenersOnReplication="true"/>
<Channel className="org.apache.catalina.tribes.group.GroupChannel">
<Membership className="org.apache.catalina.tribes.membership.McastService"
address="228.0.0.4"
port="45564" frequency="500"
dropTime="3000"/>
<Sender className="org.apache.catalina.tribes.transport.ReplicationTransmitter">
<Transport className="org.apache.catalina.tribes.transport.nio.PooledParallelSender"/>
</Sender>
<Receiver className="org.apache.catalina.tribes.transport.nio.NioReceiver"
address="localhost" port="4000" autoBind="100"
selectorTimeout="5000" maxThreads="6"/>
<Interceptor className="org.apache.catalina.tribes.group.interceptors.TcpFailureDetector"/>
<Interceptor className="org.apache.catalina.tribes.group.interceptors.MessageDispatch15Interceptor"/>
</Channel>
<Valve className="org.apache.catalina.ha.tcp.ReplicationValve" filter=""/>
<Valve className="org.apache.catalina.ha.session.JvmRouteBinderValve"/>
<ClusterListener className="org.apache.catalina.ha.session.JvmRouteSessionIDBinderListener"/>
<ClusterListener className="org.apache.catalina.ha.session.ClusterSessionListener"/>
</Cluster>
I tried changing "auto" to "localhost", which led to a different error message on Tomcat startup, saying "Address already in use :8009".
At this point i really don't know where to look. Is localhost a bad value? Should i be using auto but make a change somewhere else? Is there anyone out there with a little more experience on this that can give me a helping hand?
We got around this issue by changing the address parameter in the Receiver tag inside the Cluster configuration from "auto" to the actual IP address of the server. I was never able to figure out why this was not working and didn't want to spend any more time once we got the calls through.
<Receiver className="org.apache.catalina.tribes.transport.nio.NioReceiver"
address="123.123.x.x" port="4000" autoBind="100"
selectorTimeout="5000" maxThreads="6"/>
I know we can deploy multiple web applications on JBoss 7 or Wildfly. But how can we access different web application with a different port? Where do we set that port for a web application?
For example,
application1 is accessible on x.x.x.x:8080
application2 is accessible on x.x.x.x:30000
application3 is accessible on x.x.x.x:35000
In your standalone you have to set up a different server and host for each application.
<subsystem xmlns="urn:jboss:domain:undertow:1.2">
<server name="server1">
<http-listener name="default" socket-binding="http-server1"/>
<host name="webapp1" default-web-module="webapp1.war" alias="webapp1.com">
</host>
</server>
<server name="server2">
<http-listener name="default" socket-binding="http-server2"/>
<host name="webapp2" default-web-module="webapp2.war" alias="webapp2.com">
</host>
</server>
<!-- Other Settings -->
</subsystem>
For the socketbinding:
<socket-binding-group name="standard-sockets" default-interface="public" port-offset="${jboss.socket.binding.port-offset:0}">
<socket-binding name="http-server1" port="${jboss.http.port:8080}"/>
<socket-binding name="http-server2" port="${jboss.http.port:8081}"/>
<!-- Other ports -->
</socket-binding-group>
And then finally, you can have your .war files in the deployments directory but for configurations like this I sometimes find it easier to set the runtime names explicitly:
<deployments>
<deployment name="webapp1" runtime-name="webapp1.war">
<fs-archive path="/path/to/webapp1.war" />
</deployment>
<deployment name="webapp2" runtime-name="webapp2.war">
<fs-archive path="/path/to/webapp2.war" />
</deployment>
</deployments>
How do I force JBoss AS 7 to serve HTTPS content over TLS 1.0?
I am providing a Java application that uses Spring Security 3 to clients. It is hosted on JBoss AS 7. It can only be reached over a VPN, so I'm not too concerned with encryption at the application or transport layer. (Perhaps I should be?) When my users try to connect, browsers refuse the connection unless the user explicitly enables TLS 1.1 and TLS 1.2. Since my users aren't interested in these nuances, I would like to force JBoss to revert back to TLS 1.0.
How do I force JBoss AS 7 to serve HTTPS content over TLS 1.0?
My web domain setup is as follows:
<subsystem xmlns="urn:jboss:domain:web:1.1" default-virtual-server="default-host">
<connector name="http" protocol="HTTP/1.1" scheme="http" socket-binding="http"/>
<connector name="https" protocol="HTTP/1.1" scheme="https" socket-binding="https" enable-lookups="false" secure="true">
<ssl password="myPassword" certificate-key-file="myKeyFile.jks" protocol="TLSv1" verify-client="false" certificate-file="myCertFile"/>
</connector>
My socket binding group is set up as follows:
<socket-binding-group name="standard-sockets" default-interface="public" port-offset="${jboss.socket.binding.port-offset:0}">
<socket-binding name="http" port="8080"/>
<socket-binding name="https" port="8443"/>
....
</socket-binding-group>
Thanks in advance.
See https://docs.jboss.org/jbossweb/7.0.x/config/ssl.html
You can force TLS by making use of the protocol attribute.
The version of the SSL protocol to use. If not specified, Supported values: SSLv2, SSLv3, TLSv1, SSLv2+SSLv3 and ALL. the default is "ALL".
I can't connect to CLI Jboss 7.1.1.FINAL in Ubuntu, i wonder why?
in console i put :
mastervodoo#vodoo-Studio-1558:/opt/jboss-as-7.1.1.Final/bin$ ./jboss-cli.sh
You are disconnected at the moment. Type 'connect' to connect to the server or 'help' for the list of supported commands.
[disconnected /] connect
The controller is not available at localhost:9999
[disconnected /] connect 127.0.0.1
The controller is not available at 127.0.0.1:9999
[disconnected /] connect 127.0.1.1
The controller is not available at 127.0.1.1:9999
[disconnected /] connect 192.168.1.33
The controller is not available at 192.168.1.33:9999
[disconnected /]
is a standalone configuration, why i cannot enter?
Check your XML configuration, e.g. standalone.xml or domain.xml, and look <interfaces/> section. Make sure you're binding to 127.0.0.1 for the management interface. Also have a look at your management-native port in the <socket-binding/> section and make sure it's set to 9999. These are the defaults.
It should look something like the following:
<interfaces>
<interface name="management">
<inet-address value="${jboss.bind.address.management:127.0.0.1}"/>
</interface>
<interface name="public">
<inet-address value="${jboss.bind.address:127.0.0.1}"/>
</interface>
...
</interfaces>
<socket-binding-group name="standard-sockets" default-interface="public" port-offset="${jboss.socket.binding.port-offset:0}">
<socket-binding name="management-native" interface="management" port="${jboss.management.native.port:9999}"/>
<socket-binding name="management-http" interface="management" port="${jboss.management.http.port:9990}"/>
<socket-binding name="management-https" interface="management" port="${jboss.management.https.port:9443}"/>
...
</socket-binding-group>
You could also pass properties to change the values if the expression values are being used.
$JBOSS_HOME/bin/standalone.sh -Djboss.bind.address.management=127.0.0.1 -Djboss.management.native.port=9999
If it's still not connecting it's likely a local issue. Most likely a firewall getting in the way or possibly you don't have localhost set-up in your hosts.
Check your hosts file!
/etc/hosts
Your localhost must be specified as 127.0.0.1.
In case your jboss instance is not binding to 127.0.0.1, you may use --controller option as follows:
./jboss-cli.sh --controller=YOUR_IP:9999
Just for the next guy to stumble on this, if you're on Mac, THIS will solve it:
http://saltnlight5.blogspot.com.au/2012/07/getting-jboss-clish-to-work-on-macosx.html
In case link goes down:
Start the server with: bin/standalone.sh -Djava.nio.channels.spi.SelectorProvider=sun.nio.ch.KQueueSelectorProvider
On the client side, first run: export JAVA_OPTS="-Djava.nio.channels.spi.SelectorProvider=sun.nio.ch.KQueueSelectorProvider"
Then run bin/jboss-cli.sh --connect
You should now be connected!
To me this happen due to JBoss being under heavy load while processing an erroneous task which caused Hibernate exceptions at a high rate.
I managed to connect after ~20 retries, after which I couldn't connect again.