Running a stock Glassfish or Payara Server there is a default application deployed called "ejb-timer-service-app" which includes a web frontend at http://localhost:8080/ejb-timer-service-app/timer
More information here: https://docs.oracle.com/cd/E18930_01/html/821-2418/beahw.html
Sadly the frontend is not reachable over the protected admin console (port 4848) but over the main host (port 8080 and 8181). So everyone knowing my server URL can access this page.
Is there a way to deactive the app (not the ejb-timer-service itself) or at least make the frontend-page no longer accessable (hide it) without some fancy firewall or loadbalancer configurations?
Apparently there is currently no way to disable the application out of the box. I requested a new features for payara over at github: https://github.com/payara/Payara/issues/1803
Because the ejb-timer-service-app.war is required for the application server in order to provide the EJB timerservice it can't be deleted.
However I've created a workaround to at least disable the frontend part:
I did some quick tests locally on how to remove the frontend without
damaging the EJB timer-service. Here is what I've changed inside the
${PAYARA_HOME}/glassfish/lib/install/applications/ejb-timer-service-app.war:
Delete file WEB-INF\sun-web.xml
Delete file WEB-INF\web.xml
Delete folder WEB-INF\classes\com
Shell commands:
zip -d ejb-timer-service-app.war "WEB-INF/sun-web.xml"
zip -d ejb-timer-service-app.war "WEB-INF/web.xml"
zip -d ejb-timer-service-app.war "WEB-INF/classes/com/*"
If the domain has been started before you also have to delete the folder
glassfish\domains\domain1\applications\ejb-timer-service-app to clean up the already deployed frontend.
After a domain restart the servlet at
http://localhost:8080/ejb-timer-service-app/timer is no longer
available (HTTP 404) nevertheless the EJB timers are working properly
Related
We're using WildFly 10 as our application server and deploy via Docker (deployment in WF is ordinary hotdeployment). We're not using WildFly's clustering mechanisms but simply have load-balancers (HAProxys) in front.
The problem is that WF opens its HTTP port while the EAR deployment is still in progress. This (of course?) leads to HTTP 404 errors which we don't want to handle specifically in the LBs. This could lead to false negatives...
Is there a way to allow HTTP connections only after the EAR has started successfully?
Alternatively is it possible to replace the "404 because nothing is deployed here"-error with a "503 service unavailable"? This would much better express the problem and would be easy to handle externally...
You can set default-response-code for host you are running this on.
something along the lines:
<host name="default-host" alias="localhost" default-response-code="503">
or in cli:
/subsystem=undertow/server=default-server/host=default-host:write-attribute(name=default-response-code, value=503)
and similarly for any other host you might have.
I'm really struggling to configure Wildfly 9 to cluster/failover its sessions...
I keep reading that wildfly in standalone-ha mode will automatically discover peers and automatically share sessions, but it's clearly not working for me.
I have setup 3 AWS EC2 servers which all have the same configuration. They all run the same versions of everything and have the same webapp .war file deployed to each of them. This webapp works fine, I can log in to the app which maintains a simple session variable to verify that I am logged in. I've launched each server with standalone-ha.xml configuration files but logging into one doesn't allow be to access the session in any of the others.
I've tried all the things I can think of, but don't know how to diagnose the issue as I don't know how the servers identify each other.
I've manually deployed the war file on each server but placing the file into .../standalone/deployments/
Each has a fully open firewall...
Oh - I set the muticast address on the command line to 230.0.0.4 (That number came from a guide, and I have literally no understanding of it) and each is bound (-b) to the internal IP of the server...
Any help appreciated...
First you must consider that in AWS EC2 multicast traffic is not allowed and thus MPING will not work.
See http://developer.jboss.org/wiki/JGroupsS3PING
An example how to implement S3Ping http://aws.typepad.com/awsaktuell/2013/10/elastic-jboss-as-7-clustering-in-aws-using-ec2-s3-elb-and-chef.html
Follwing the steps as outlined here: Standalone web service
I created a test web service that works great on my local machine. Since this is 'stand alone' I copied the same root folder on to a 'server' that I use and published the service on the server (as if it is my local machine). When I access the wsdl using localhost as the domain name, it works fine on the server. However, when I try the url from a different macihne on the network giving the server's domain name instead of localhost, I get a 'can not be displayed' error in IE.
My question is, should this even be possible? Or is there anything specific that needs to be done. Since this is a 'stand alone' solution, we should not require 'another' container like tomcat correct?
To be honest, until your post, I had no idea there was a builtin, lightweight, HTTP Server in the JDK. I've always used glassfish for my web service needs.
I can't say for sure, but if you look closely at the example code you'll see:
Endpoint endpoint = Endpoint.publish("http://localhost:8080/calculator", calculator);
I suspect that this limits you to "localhost" as opposed to the host machine. Try changing it so that it represents the name of the server and try again from another machine (naturally making sure it can get through the firewall as well). Something like:
Endpoint endpoint = Endpoint.publish("http://myserver:8080/calculator", calculator);
Rebuild it and try again. Other than that, you'd need to create a proper war file and deploy to glassfish, tomcat, etc.
Hi there I have a simple jar that works like a server, can I upload it to my OpenShift account and run it ? How by the way ? Thanks alot in advance.
You might need to provide a few more details. If you want to upload a .jar file and have it run, you will need to add it to your git repository and then create an action hook that runs the .jar file (java -jar /path/to/file.jar &) and then do a git push. if you want to include the jar file for your .war web application to use, you can check the KB articles section of the openshift website for examples of how to do that.
Only port 8080 on a specific IP is exposed to the outside world. Check the docs for the environment variables such as ${OPENSHIFT_DIY_IP} and ${OPENSHIFT_DIY_PORT}. (Note the public connect via port 80 but they are connecting to the openshift infrastructure which forwards to your app running on port 8080.)
An example of running a jetty server as a jar is given at https://stackoverflow.com/a/33114072/329496 which builds a WAR file then has a start script which runs jetty as a JAR assigning the host and port using those environment variables.
To be honest if you are building a JAR and pushing it to the server you could use just use Amazon Web Services to get a host without any added extras. OpenShift is PaaS (platform as a service) whereas Amazon Web Services is IaaS (infrastructure as service). If all you need is linux and java that is very well supported with any IaaS. They also have less restrictions on a raw linux virtual machine such as being able to run on port 80. As an example I used to build JARs to run on OpenShift but they don't have full support for websockets (you have to use a high port which is not acceptable to many corporate web proxies). So I moved over to AWS and it was very easy to get things running there.
I'm trying to see if a WAR I just built is even running inside of Tomcat (7.0.19). I am deploying to a linux box and so my only two options are the Tomcat admin console (web app) or, hopefully, determining webapp status through the terminal.
I already know how to get in through the console web app; I am wondering if there is any way to see the status (ACTIVE/INACTIVE/TERMINATED, etc) of deployed web apps from the terminal.
Thanks in advance.
PSI-Probe is a great application for monitoring your applications deployed to a tomcat instance. It will tell you if an application is running or down. If the application is not deployed, it will simply not be in the list.
curl --user user:pass http://localhost:8080/manager/text/list
It prints
OK - Listed applications for virtual host localhost
/manager:running:0:manager
/docs:running:0:docs
/examples:running:0:examples
/host-manager:running:0:host-manager
/myapp:running:0:myapp
Your user needs the manager-script role. Documentation: Manager App HOW-TO, List_Currently_Deployed_Applications
You can probably do it using JMX.
Find appropriate MBean that shows this information on local tomcat using regular JConsole. If you want to connect JConsole to remote you will probably have some problems with firewall, so you have other solution.
Take command line JMX client and run it on the monitored host through SSH terminal. I used the following command line JMX client: cmdline-jmxclient-0.10.3.jar
wget http://<username>:<password>#<hostname>:<port>/manager/list -O - -q
(Not sure about Tomcat 7 though)