http://www.aaa.com:8080/web1
http://www.bbb.com:8080/web2
http://www.ccc.com:8080/web3
Administering Internet Connectivity DRAFT |
Previous | Next | Contents |
This chapter provides procedures for performing internet connectivity
tasks in the GlassFish Server Open Source Edition 5.0 environment by
using the asadmin
command-line utility.
The following topics are addressed here:
Instructions for accomplishing the tasks in this chapter by using the Administration Console are contained in the Administration Console online help.
The HTTP service provides functionality for deploying web applications and for making deployed web applications accessible by Internet clients, either in a single application server instance or in a cluster of multiple server instances. HTTP services are provided by two kinds of related objects: listeners and virtual servers.
For more information about clusters, see the GlassFish Server Open Source Edition High Availability Administration Guide.
The following topics are addressed here:
An HTTP listener, also known as a network listener, is a listen socket that has an Internet Protocol (IP) address, a port number, a server name, and a default virtual server. Each virtual server provides connections between the server and clients through one or more listeners. Each listener must have a unique combination of port number and IP address. For example, an HTTP listener can listen for a host on all configured IP addresses on a given port by specifying the IP address 0.0.0.0. Alternatively, the listener can specify a unique IP address for each listener while using the same port.
Because an HTTP listener is a combination of IP address and port number, you can have multiple HTTP listeners with the same IP address and different port numbers, or with different IP addresses and the same port number (if your host was configured to respond to these addresses). However, if an HTTP listener uses the 0.0.0.0 IP address, which listens on all IP addresses on a port, you cannot create HTTP listeners for additional IP addresses that listen on the same port for a specific IP address. For example, if an HTTP listener uses 0.0.0.0:8080 (all IP addresses on port 8080), another HTTP listener cannot use 1.2.3.4:8080. The host running the GlassFish Server typically has access to only one IP address. HTTP listeners typically use the 0.0.0.0 IP address and different port numbers, with each port number serving a different purpose. However, if the host does have access to more than one IP address, each address can serve a different purpose.
To access a web application deployed on GlassFish Server, use the URL
http://localhost:8080/
(or https://localhost:8081/
for a secure
application), along with the context root specified for the web
application.
To access the Administration Console, use the URL
https://localhost:4848/
or http://localhost:4848/asadmin/
(console
default context root).
A virtual server, sometimes called a virtual host, is an object that
allows the same physical server to host multiple Internet domain names.
All virtual servers hosted on the same physical server share the IP
address of that physical server. A virtual server associates a domain
name for a server (such as www.aaa.com
) with the particular server on
which GlassFish Server is running. Each virtual server must be
registered with the DNS server for your network.
Note
|
Do not confuse an Internet domain with the administrative domain of GlassFish Server. |
For example, assume that you want to host the following domains on your
physical server: www.aaa.com
, www.bbb.com
, and www.ccc.com
. Assume
that these domains are respectively associated with web modules web1
,
web2
, and web3
. This means that the following URLs are handled by
your physical server:
http://www.aaa.com:8080/web1
http://www.bbb.com:8080/web2
http://www.ccc.com:8080/web3
The first URL is mapped to virtual server www.aaa.com
, the second URL
is mapped to virtual server www.bbb.com
, and the third is mapped to
virtual server www.ccc.com
. For this mapping to work, www.aaa.com
,
www.bbb.com
, and www.ccc.com
must all resolve to your physical
server’s IP address and each virtual server must be registered with the
DNS server for your network. In addition, on a UNIX system, add these
domains to your /etc/hosts
file (if the setting for hosts
in your
/etc/nsswitch.conf
file includes files
).
By default, when GlassFish Server starts, the following HTTP listeners are started automatically:
HTTP listeners associated with the virtual server named server
:
The listener named http-listener-1
does not have security enabled.
The listener named http-listener-2
has security enabled
An HTTP listener named admin-listener
, associated with the virtual
server named __asadmin
. For this listener, security is not enabled.
The following table describes the GlassFish Server default ports for the listeners that use ports.
Table 13-1 Default Ports for Listeners
Listener | Default Port | Description |
---|---|---|
Administrative server |
4848 |
A domain’s administrative server is
accessed by the Administration Console and the |
HTTP |
8080 |
The web server listens for HTTP requests on a port. To access deployed web applications and services, clients connect to this port. |
HTTPS |
8181 |
Web applications configured for secure communications listen on a separate port. |
The following topics are addressed here:
Use the subcommands in this procedure to create an internet connection with the full range of listener options. A network listener is created behind the scenes. For the shortcut version of this process , see To Create an HTTP Network Listener.
Ensure that the server is running.
Remote subcommands require a running server.
Create an HTTP or HTTPS protocol by using the
create-protocol
subcommand with the
--securityenabled
option.
To use the built-in http-listener-1
HTTP protocol, or
http-listener-2
HTTPS protocol, skip this step.
Create an HTTP configuration by using the
create-http
subcommand.
To use a built-in protocol, skip this step.
Create a transport by using the create-transport
subcommand.
To use the built-in tcp
transport, skip this step.
Create a thread pool by using the
create-threadpool
subcommand.
To avoid using a thread pool, or to use the built-in http-thread-pool
thread pool, skip this step.
For additional thread pool information, see
Administering Thread Pools.
Create an HTTP listener by using the
create-network-listener
subcommand.
Specify a protocol and transport, optionally a thread pool.
To apply your changes, restart GlassFish Server.
See To Restart a Domain.
See Also
You can also view the full syntax and options of the subcommand by
typing a command such as asadmin help create-http-listener
at the
command line.
Each HTTP listener has an HTTP protocol, which is created either by
using the create-protocol
subcommand or by using the built-in
protocols that are applied when you follow the instructions in
To Create an HTTP Network Listener.
The following topics are addressed here:
Use the create-protocol
subcommand in remote mode to create a
protocol.
Ensure that the server is running.
Remote subcommands require a running server.
Create a protocol by using the create-protocol
Information about options and properties for the subcommand are included
in this help page.
Example 13-1 Creating an HTTP Protocol
This example creates a protocol named http-1
with security enabled.
asadmin> create-protocol --securityenabled=true http-1
Command create-protocol executed successfully.
See Also
You can also view the full syntax and options of the subcommand by
typing asadmin help create-protocol
at the command line.
Use the list-protocols
subcommand in remote mode to list the existing
HTTP protocols.
Ensure that the server is running.
Remote subcommands require a running server.
List the existing protocols by using the
list-protocols
subcommand.
Example 13-2 Listing the Protocols
This example lists the existing protocols.
asadmin> list-protocols
admin-listener
http-1
http-listener-1
http-listener-2
Command list-protocols executed successfully.
See Also
You can also view the full syntax and options of the subcommand by
typing asadmin help list-protocols
at the command line.
Use the delete-protocol
subcommand in remote mode to remove a
protocol.
Ensure that the server is running.
Remote subcommands require a running server.
Delete a protocol by using the delete-protocol
subcommand
Example 13-3 Deleting a Protocol
This example deletes the protocol named http-1
.
asadmin> delete-protocol http-1
Command delete-protocol executed successfully.
See Also
You can also view the full syntax and options of the subcommand by
typing asadmin help delete-protocol
at the command line.
Each HTTP listener has an HTTP configuration, which is created either by
using the create-http
subcommand or by using the built-in
configurations that are applied when you follow the instructions in
To Create an HTTP Network Listener.
The following topics are addressed here:
Use the create-http
subcommand in remote mode to create a set of HTTP
parameters for a protocol. This set of parameters configures one or more
network listeners,
Ensure that the server is running.
Remote subcommands require a running server.
Create an HTTP configuration by using the
create-http
subcommand.
Information about options and properties for the subcommand are included
in this help page.
Example 13-4 Creating an HTTP Configuration
This example creates an HTTP parameter set for the protocol named
http-1
.
asadmin> create-http --timeout-seconds 60 --default-virtual-server server http-1
Command create-http executed successfully.
See Also
You can also view the full syntax and options of the subcommand by
typing asadmin help create-http
at the command line.
Use the delete-http
subcommand in remote mode to remove HTTP
parameters from a protocol.
Ensure that the server is running.
Remote subcommands require a running server.
Delete the HTTP parameters from a protocol by using the
delete-http
subcommand.
Example 13-5 Deleting an HTTP Configuration
This example deletes the HTTP parameter set from a protocol named
http-1
.
asadmin> delete-http http-1
Command delete-http executed successfully.
See Also
You can also view the full syntax and options of the subcommand by
typing asadmin help delete-http
at the command line.
Each HTTP listener has an HTTP transport, which is created either by
using the create-transport
subcommand or by using the built-in
transports that are applied when you follow the instructions in
To Create an HTTP Network Listener.
The following topics are addressed here:
Use the create-transport
subcommand in remote mode to create a
transport for a network listener,
Ensure that the server is running.
Remote subcommands require a running server.
Create a transport by using the create-transport
subcommand.
Information about options and properties for the subcommand are included
in this help page.
Example 13-6 Creating a Transport
This example creates a transport named http1-trans
that uses a
non-default number of acceptor threads.
asadmin> create-transport --acceptorthreads 100 http1-trans
Command create-transport executed successfully.
See Also
You can also view the full syntax and options of the subcommand by
typing asadmin help create-transport
at the command line.
Use the list-transports
subcommand in remote mode to list the existing
HTTP transports.
Ensure that the server is running.
Remote subcommands require a running server.
List the existing transports by using the
list-transports
subcommand.
Example 13-7 Listing HTTP Transports
This example lists the existing transports.
asadmin> list-transports
http1-trans
tcp
Command list-transports executed successfully.
See Also
You can also view the full syntax and options of the subcommand by
typing asadmin help list-transports
at the command line.
Use the delete-transport
subcommand in remote mode to remove a
transport.
Ensure that the server is running.
Remote subcommands require a running server.
Delete a transport by using the delete-transport
subcommand.
Example 13-8 Deleting a Transport
This example deletes he transport named http1-trans
.
asadmin> delete-transport http1-trans
Command delete-transport executed successfully.
See Also
You can also view the full syntax and options of the subcommand by
typing asadmin help delete-transport
at the command line.
The following topics are addressed here:
Use the create-http-listener
subcommand or the
create-network-listener
subcommand in remote mode to create a
listener. These subcommands provide backward compatibility and also
provide a shortcut for creating network listeners that use the HTTP
protocol. Behind the scenes, a network listener is created as well as
its associated protocol, transport, and HTTP configuration. This method
is a convenient shortcut, but it gives access to only a limited number
of options. If you want to specify the full range of listener options,
follow the instructions in To Create an Internet
Connection.
Ensure that the server is running.
Remote subcommands require a running server.
Create an HTTP network listener by using the
create-network-listener
subcommand or the
create-http-listener
subcommand.
If needed, restart the server.
If you edit the special HTTP network listener named admin-listener
,
you must restart the server for changes to take effect. See
To Restart a Domain.
Example 13-9 Creating an HTTP Listener
This example creates an HTTP listener named sampleListener
that uses a
non-default number of acceptor threads. Security is not enabled at
runtime.
asadmin> create-http-listener --listeneraddress 0.0.0.0
--listenerport 7272 --defaultvs server --servername host1.sun.com
--acceptorthreads 100 --securityenabled=false
--enabled=false sampleListener
Command create-http-listener executed successfully.
Example 13-10 Creating a Network Listener
This example a network listener named sampleListener
that is not
enabled at runtime:
asadmin> create-network-listener --listenerport 7272 protocol http-1
--enabled=false sampleListener
Command create-network-listener executed successfully.
See Also
You can also view the full syntax and options of the subcommand by
typing asadmin help create-http-listener
or
asadmin help create-network-listener
at the command line.
Use the list-http-listeners
subcommand or the list-network-listeners
subcommand in remote mode to list the existing HTTP listeners.
Ensure that the server is running.
Remote subcommands require a running server.
List HTTP listeners by using the
list-http-listeners
or
list-network-listeners
subcommand.
Example 13-11 Listing HTTP Listeners
This example lists the HTTP listeners. The same output is given if you
use the list-network-listeners
subcommand.
asadmin> list-http-listeners
admin-listener
http-listener-2
http-listener-1
Command list-http-listeners executed successfully.
See Also
You can also view the full syntax and options of the subcommand by
typing asadmin help list-http-listeners
or
asadmin help list-network-listeners
at the command line.
List HTTP listeners by using the
list-http-listeners
or
list-network-listeners
subcommand.
Modify the values for the specified listener by using the
set
subcommand.
The listener is identified by its dotted name.
Example 13-12 Updating an HTTP Network Listener
This example changes security-enabled
to false
on http-listener-2
.
asadmin> set server.network-config.protocols.protocol.http-listener-2.security-enabled=false
Command set executed successfully.
Use the delete-http-listener
subcommand or the
delete-network-listener
subcommand in remote mode to delete an
existing HTTP listener. This disables secure communications for the
listener.
Ensure that the server is running.
Remote subcommands require a running server.
List HTTP listeners by using the
list-http-listeners
subcommand.
Delete an HTTP listener by using the
delete-http-listener
or
delete-network-listener
subcommand.
To apply your changes, restart GlassFish Server.
See To Restart a Domain.
Example 13-13 Deleting an HTTP Listener
This example deletes the HTTP listener named sampleListener
:
asadmin> delete-http-listener sampleListener
Command delete-http-listener executed successfully.
See Also
You can also view the full syntax and options of the subcommand by
typing asadmin help delete-http-listener
or
asadmin help delete-network-listener
at the command line.
Use the create-ssl
subcommand in remote mode to create and configure
an SSL element in the specified listener. This enables secure
communication for the listener.
Ensure that the server is running.
Remote subcommands require a running server.
Configure an HTTP listener by using the
create-ssl
subcommand.
To apply your changes, restart GlassFish Server.
See To Restart a Domain.
Example 13-14 Configuring an HTTP Listener for SSL
This example enables the HTTP listener named http-listener-1
for SSL:
asadmin> create-ssl --type http-listener --certname sampleCert http-listener-1
Command create-ssl executed successfully.
See Also
You can also view the full syntax and options of the subcommand by
typing asadmin help create-ssl
at the command line.
In GlassFish Server, you can configure the SSL protocol of an HTTP
listener such that it requests a certificate before permitting a client
connection, but does not refuse a connection if the client does not
provide one. To enable this feature, set the client-auth
property of
the SSL protocol to the value want
. For example:
asadmin> set configs.config.config-name.network-config.protocols.\
protocol.listener-name.ssl.client-auth=want
In GlassFish Server, you can configure the SSL protocol an HTTP listener
such that it uses a custom implementation of SSL. To enable this
feature, set the classname
property of the SSL protocol to the name of
a class that implements the com.sun.grizzly.util.net.SSLImplementation
interface. For example:
asadmin> set configs.config.config-name.network-config.protocols.\
protocol.listener-name.ssl.classname=SSLImplementation-class-name
By default, GlassFish Server uses the implementation
com.sun.enterprise.security.ssl.GlassfishSSLImpl
for the SSL protocol.
Use the delete-ssl
subcommand in remote mode to delete the SSL element
in the specified listener. This disables secure communications for the
listener.
Ensure that the server is running.
Remote subcommands require a running server.
Delete SSL from an HTTP listener by using the
delete-ssl
subcommand.
To apply your changes, restart GlassFish Server.
See To Restart a Domain.
Example 13-15 Deleting SSL From an HTTP Listener
This example disables SSL for the HTTP listener named http-listener-1
:
asadmin> delete-ssl --type http-listener http-listener-1
Command delete-http-listener executed successfully.
See Also
You can also view the full syntax and options of the subcommand by
typing asadmin help delete-ssl
at the command line.
In the Administration Console, open the HTTP Service component under the relevant configuration.
Open the HTTP Listeners component under the HTTP Service component.
Select or create a new HTTP listener.
Select from the Default Virtual Server drop-down list.
For more information, see To Assign a Default Web Module to
a Virtual Server.
See Also
For details, click the Help button in the Administration Console from the HTTP Listeners page.
A virtual server is a virtual web server that serves content targeted for a specific URL. Multiple virtual servers can serve content using the same or different host names, port numbers, or IP addresses. The HTTP service directs incoming web requests to different virtual servers based on the URL.
When you first install GlassFish Server, a default virtual server is created. You can assign a default virtual server to each new HTTP listener you create.
Web applications and Java EE applications containing web components (web modules) can be assigned to virtual servers during deployment. A web module can be assigned to more than one virtual server, and a virtual server can have more than one web module assigned to it. If you deploy a web application and don’t specify any assigned virtual servers, the web application is assigned to all currently defined virtual servers. If you then create additional virtual servers and want to assign existing web applications to them, you must redeploy the web applications. For more information about deployment, see the GlassFish Server Open Source Edition Application Deployment Guide.
You can define virtual server properties using the asadmin set
command. For example:
asadmin> set server-config.http-service.virtual-server.MyVS.property.sso-enabled="true"
Some virtual server properties can be set for a specific web application. For details, see "glassfish-web-app" in GlassFish Server Open Source Edition Application Deployment Guide.
The following topics are addressed here:
By default, when GlassFish Server starts, the following virtual servers are started automatically:
A virtual server named server
, which hosts all user-defined web
modules.
For development, testing, and deployment of web services in a
non-production environment, server
is often the only virtual server
required.
A virtual server named __asadmin
, which hosts all
administration-related web modules (specifically, the Administration
Console). This server is restricted, which means that you cannot deploy
web modules to this virtual server.
In a production environment, additional virtual servers provide hosting facilities for users and customers so that each appears to have its own web server, even though there is only one physical server.
Use the create-virtual-server
subcommand in remote mode to create the
named virtual server.
Before You Begin
A virtual server must specify an existing HTTP listener. Because the virtual server cannot specify an HTTP listener that is already being used by another virtual server, create at least one HTTP listener before creating a new virtual server.
Ensure that the server is running.
Remote subcommands require a running server.
Create a virtual server by using the
create-virtual-server
subcommand.
Information about properties for this subcommand is included in this
help page.
To apply your changes, restart GlassFish Server.
See To Restart a Domain.
Example 13-16 Creating a Virtual Server
This example creates a virtual server named sampleServer
on
localhost
.
asadmin> create-virtual-server sampleServer
Command create-virtual-server executed successfully.
See Also
You can also view the full syntax and options of the subcommand by
typing asadmin help create-virutal-server
at the command line.
Use the list-virtual-servers
subcommand in remote mode to list the
existing virtual servers.
Ensure that the server is running.
Remote subcommands require a running server.
List virtual servers by using the
list-virtual-servers
subcommand.
Example 13-17 Listing Virtual Servers
This example lists the virtual servers for localhost
.
asadmin> list-virtual-servers
sampleListener
admin-listener
http-listener-2
http-listener-1
Command list-http-listeners executed successfully.
See Also
You can also view the full syntax and options of the subcommand by
typing asadmin help list-virutal-servers
at the command line.
List virtual servers by using the
list-virtual-servers
subcommand.
Modify the values for the specified virtual server by using the
set
subcommand.
The virtual server is identified by its dotted name.
Use the delete-virtual-server
subcommand in remote mode to delete an
existing virtual server.
Ensure that the server is running.
Remote subcommands require a running server.
List virtual servers by using the
list-virtual-servers
subcommand.
If necessary, notify users that the virtual server is being deleted.
Delete a virtual server by using the
delete-virtual-server
subcommand.
To apply your changes, restart GlassFish Server.
See To Restart a Domain.
Example 13-18 Deleting a Virtual Server
This example deletes the virtual server named sampleServer
from
localhost
.
asadmin> delete-virtual-server sampleServer
Command delete-virtual-server executed successfully.
See Also
You can also view the full syntax and options of the subcommand by
typing asadmin help delete-virutal-server
at the command line.
A default web module can be assigned to the default virtual server and to each new virtual server. To access the default web module for a virtual server, point the browser to the URL for the virtual server, but do not supply a context root. For example:
http://myvserver:3184/
A virtual server with no default web module assigned serves HTML or JavaServer Pages ( JSP) content from its document root, which is usually domain-dir`/docroot`. To access this HTML or JSP content, point your browser to the URL for the virtual server, do not supply a context root, but specify the target file.
For example:
http://myvserver:3184/hellothere.jsp
You can assign a virtual server to a deployed application or web module.
Before You Begin
The application or module must already be deployed. For more information, see the GlassFish Server Open Source Edition Application Deployment Guide.
In the Administration Console, open the HTTP Service component under the relevant configuration.
Open the Virtual Servers component under the HTTP Service component.
Select the virtual server to which you want to assign a default web module.
Select the application or web module from the Default Web Module
drop-down list.
For more information, see To Assign a Default Web Module to
a Virtual Server.
JSESSIONIDSSO
Cookie AttributesUse the sso-cookie-http-only
and sso-cookie-secure
virtual server
attributes to set the HttpOnly
and Secure
attributes of any
JSESSIONIDSSO
cookies associated with web applications deployed to the
virtual server.
Use the set
subcommand to set the value of the
sso-cookie-http-only
and sso-cookie-secure
virtual server
attributes.
The values supported for these attributes are as follows:
sso-cookie-http-only
A boolean value that specifies whether the HttpOnly
attribute is
included in JSESSIONIDSSO
cookies. When set to true
, which is the
default, the HttpOnly
attribute is included. When set to false
,
the HttpOnly
attribute is not included.
sso-cookie-secure
A string value that specifies whether the Secure
attribute is
included in JSESSIONIDSSO
cookies. Allowed values are as follows:
true
— The Secure
attribute is included.
false
— The Secure
attribute is not included.
dynamic
— The Secure
attribute setting is inherited from the
first session participating in SSO. This is the default value.
Previous | Next | Contents |
DRAFT