http://www.aaa.com:8080/web1
http://www.bbb.com:8080/web2
http://www.ccc.com:8080/web3
Copyright © 2019, Oracle and/or its affiliates. All rights reserved.
|
Administering Internet Connectivity DRAFT |
| Previous | Next | Contents |
This chapter provides procedures for performing internet connectivity
tasks in the GlassFish Server Open Source Edition 5.0 environment by
using the asadmin command-line utility.
The following topics are addressed here:
Instructions for accomplishing the tasks in this chapter by using the Administration Console are contained in the Administration Console online help.
The HTTP service provides functionality for deploying web applications and for making deployed web applications accessible by Internet clients, either in a single application server instance or in a cluster of multiple server instances. HTTP services are provided by two kinds of related objects: listeners and virtual servers.
For more information about clusters, see the GlassFish Server Open Source Edition High Availability Administration Guide.
The following topics are addressed here:
An HTTP listener, also known as a network listener, is a listen socket that has an Internet Protocol (IP) address, a port number, a server name, and a default virtual server. Each virtual server provides connections between the server and clients through one or more listeners. Each listener must have a unique combination of port number and IP address. For example, an HTTP listener can listen for a host on all configured IP addresses on a given port by specifying the IP address 0.0.0.0. Alternatively, the listener can specify a unique IP address for each listener while using the same port.
Because an HTTP listener is a combination of IP address and port number, you can have multiple HTTP listeners with the same IP address and different port numbers, or with different IP addresses and the same port number (if your host was configured to respond to these addresses). However, if an HTTP listener uses the 0.0.0.0 IP address, which listens on all IP addresses on a port, you cannot create HTTP listeners for additional IP addresses that listen on the same port for a specific IP address. For example, if an HTTP listener uses 0.0.0.0:8080 (all IP addresses on port 8080), another HTTP listener cannot use 1.2.3.4:8080. The host running the GlassFish Server typically has access to only one IP address. HTTP listeners typically use the 0.0.0.0 IP address and different port numbers, with each port number serving a different purpose. However, if the host does have access to more than one IP address, each address can serve a different purpose.
To access a web application deployed on GlassFish Server, use the URL
http://localhost:8080/ (or https://localhost:8081/ for a secure
application), along with the context root specified for the web
application.
To access the Administration Console, use the URL
https://localhost:4848/ or http://localhost:4848/asadmin/ (console
default context root).
A virtual server, sometimes called a virtual host, is an object that
allows the same physical server to host multiple Internet domain names.
All virtual servers hosted on the same physical server share the IP
address of that physical server. A virtual server associates a domain
name for a server (such as www.aaa.com) with the particular server on
which GlassFish Server is running. Each virtual server must be
registered with the DNS server for your network.
|
Note
|
Do not confuse an Internet domain with the administrative domain of GlassFish Server. |
For example, assume that you want to host the following domains on your
physical server: www.aaa.com, www.bbb.com, and www.ccc.com. Assume
that these domains are respectively associated with web modules web1,
web2, and web3. This means that the following URLs are handled by
your physical server:
http://www.aaa.com:8080/web1
http://www.bbb.com:8080/web2
http://www.ccc.com:8080/web3The first URL is mapped to virtual server www.aaa.com, the second URL
is mapped to virtual server www.bbb.com, and the third is mapped to
virtual server www.ccc.com. For this mapping to work, www.aaa.com,
www.bbb.com, and www.ccc.com must all resolve to your physical
server’s IP address and each virtual server must be registered with the
DNS server for your network. In addition, on a UNIX system, add these
domains to your /etc/hosts file (if the setting for hosts in your
/etc/nsswitch.conf file includes files).
By default, when GlassFish Server starts, the following HTTP listeners are started automatically:
HTTP listeners associated with the virtual server named server:
The listener named http-listener-1 does not have security enabled.
The listener named http-listener-2 has security enabled
An HTTP listener named admin-listener, associated with the virtual
server named __asadmin. For this listener, security is not enabled.
The following table describes the GlassFish Server default ports for the listeners that use ports.
Table 13-1 Default Ports for Listeners
| Listener | Default Port | Description |
|---|---|---|
Administrative server |
4848 |
A domain’s administrative server is
accessed by the Administration Console and the |
HTTP |
8080 |
The web server listens for HTTP requests on a port. To access deployed web applications and services, clients connect to this port. |
HTTPS |
8181 |
Web applications configured for secure communications listen on a separate port. |
The following topics are addressed here:
Use the subcommands in this procedure to create an internet connection with the full range of listener options. A network listener is created behind the scenes. For the shortcut version of this process , see To Create an HTTP Network Listener.
Ensure that the server is running.
Remote subcommands require a running server.
Create an HTTP or HTTPS protocol by using the
create-protocol subcommand with the
--securityenabled option.
To use the built-in http-listener-1 HTTP protocol, or
http-listener-2 HTTPS protocol, skip this step.
Create an HTTP configuration by using the
create-http subcommand.
To use a built-in protocol, skip this step.
Create a transport by using the create-transport
subcommand.
To use the built-in tcp transport, skip this step.
Create a thread pool by using the
create-threadpool subcommand.
To avoid using a thread pool, or to use the built-in http-thread-pool
thread pool, skip this step.
For additional thread pool information, see
Administering Thread Pools.
Create an HTTP listener by using the
create-network-listener subcommand.
Specify a protocol and transport, optionally a thread pool.
To apply your changes, restart GlassFish Server.
See To Restart a Domain.
See Also
You can also view the full syntax and options of the subcommand by
typing a command such as asadmin help create-http-listener at the
command line.
Each HTTP listener has an HTTP protocol, which is created either by
using the create-protocol subcommand or by using the built-in
protocols that are applied when you follow the instructions in
To Create an HTTP Network Listener.
The following topics are addressed here:
Use the create-protocol subcommand in remote mode to create a
protocol.
Ensure that the server is running.
Remote subcommands require a running server.
Create a protocol by using the create-protocol
Information about options and properties for the subcommand are included
in this help page.
Example 13-1 Creating an HTTP Protocol
This example creates a protocol named http-1 with security enabled.
asadmin> create-protocol --securityenabled=true http-1
Command create-protocol executed successfully.See Also
You can also view the full syntax and options of the subcommand by
typing asadmin help create-protocol at the command line.
Use the list-protocols subcommand in remote mode to list the existing
HTTP protocols.
Ensure that the server is running.
Remote subcommands require a running server.
List the existing protocols by using the
list-protocols subcommand.
Example 13-2 Listing the Protocols
This example lists the existing protocols.
asadmin> list-protocols
admin-listener
http-1
http-listener-1
http-listener-2
Command list-protocols executed successfully.See Also
You can also view the full syntax and options of the subcommand by
typing asadmin help list-protocols at the command line.
Use the delete-protocol subcommand in remote mode to remove a
protocol.
Ensure that the server is running.
Remote subcommands require a running server.
Delete a protocol by using the delete-protocol
subcommand
Example 13-3 Deleting a Protocol
This example deletes the protocol named http-1.
asadmin> delete-protocol http-1
Command delete-protocol executed successfully.See Also
You can also view the full syntax and options of the subcommand by
typing asadmin help delete-protocol at the command line.
Each HTTP listener has an HTTP configuration, which is created either by
using the create-http subcommand or by using the built-in
configurations that are applied when you follow the instructions in
To Create an HTTP Network Listener.
The following topics are addressed here:
Use the create-http subcommand in remote mode to create a set of HTTP
parameters for a protocol. This set of parameters configures one or more
network listeners,
Ensure that the server is running.
Remote subcommands require a running server.
Create an HTTP configuration by using the
create-http subcommand.
Information about options and properties for the subcommand are included
in this help page.
Example 13-4 Creating an HTTP Configuration
This example creates an HTTP parameter set for the protocol named
http-1.
asadmin> create-http --timeout-seconds 60 --default-virtual-server server http-1
Command create-http executed successfully.See Also
You can also view the full syntax and options of the subcommand by
typing asadmin help create-http at the command line.
Use the delete-http subcommand in remote mode to remove HTTP
parameters from a protocol.
Ensure that the server is running.
Remote subcommands require a running server.
Delete the HTTP parameters from a protocol by using the
delete-http subcommand.
Example 13-5 Deleting an HTTP Configuration
This example deletes the HTTP parameter set from a protocol named
http-1.
asadmin> delete-http http-1
Command delete-http executed successfully.See Also
You can also view the full syntax and options of the subcommand by
typing asadmin help delete-http at the command line.
Each HTTP listener has an HTTP transport, which is created either by
using the create-transport subcommand or by using the built-in
transports that are applied when you follow the instructions in
To Create an HTTP Network Listener.
The following topics are addressed here:
Use the create-transport subcommand in remote mode to create a
transport for a network listener,
Ensure that the server is running.
Remote subcommands require a running server.
Create a transport by using the create-transport
subcommand.
Information about options and properties for the subcommand are included
in this help page.
Example 13-6 Creating a Transport
This example creates a transport named http1-trans that uses a
non-default number of acceptor threads.
asadmin> create-transport --acceptorthreads 100 http1-trans
Command create-transport executed successfully.See Also
You can also view the full syntax and options of the subcommand by
typing asadmin help create-transport at the command line.
Use the list-transports subcommand in remote mode to list the existing
HTTP transports.
Ensure that the server is running.
Remote subcommands require a running server.
List the existing transports by using the
list-transports subcommand.
Example 13-7 Listing HTTP Transports
This example lists the existing transports.
asadmin> list-transports
http1-trans
tcp
Command list-transports executed successfully.See Also
You can also view the full syntax and options of the subcommand by
typing asadmin help list-transports at the command line.
Use the delete-transport subcommand in remote mode to remove a
transport.
Ensure that the server is running.
Remote subcommands require a running server.
Delete a transport by using the delete-transport
subcommand.
Example 13-8 Deleting a Transport
This example deletes he transport named http1-trans.
asadmin> delete-transport http1-trans
Command delete-transport executed successfully.See Also
You can also view the full syntax and options of the subcommand by
typing asadmin help delete-transport at the command line.
The following topics are addressed here:
Use the create-http-listener subcommand or the
create-network-listener subcommand in remote mode to create a
listener. These subcommands provide backward compatibility and also
provide a shortcut for creating network listeners that use the HTTP
protocol. Behind the scenes, a network listener is created as well as
its associated protocol, transport, and HTTP configuration. This method
is a convenient shortcut, but it gives access to only a limited number
of options. If you want to specify the full range of listener options,
follow the instructions in To Create an Internet
Connection.
Ensure that the server is running.
Remote subcommands require a running server.
Create an HTTP network listener by using the
create-network-listener subcommand or the
create-http-listener subcommand.
If needed, restart the server.
If you edit the special HTTP network listener named admin-listener,
you must restart the server for changes to take effect. See
To Restart a Domain.
Example 13-9 Creating an HTTP Listener
This example creates an HTTP listener named sampleListener that uses a
non-default number of acceptor threads. Security is not enabled at
runtime.
asadmin> create-http-listener --listeneraddress 0.0.0.0
--listenerport 7272 --defaultvs server --servername host1.sun.com
--acceptorthreads 100 --securityenabled=false
--enabled=false sampleListener
Command create-http-listener executed successfully.Example 13-10 Creating a Network Listener
This example a network listener named sampleListener that is not
enabled at runtime:
asadmin> create-network-listener --listenerport 7272 protocol http-1
--enabled=false sampleListener
Command create-network-listener executed successfully.See Also
You can also view the full syntax and options of the subcommand by
typing asadmin help create-http-listener or
asadmin help create-network-listener at the command line.
Use the list-http-listeners subcommand or the list-network-listeners
subcommand in remote mode to list the existing HTTP listeners.
Ensure that the server is running.
Remote subcommands require a running server.
List HTTP listeners by using the
list-http-listeners or
list-network-listeners subcommand.
Example 13-11 Listing HTTP Listeners
This example lists the HTTP listeners. The same output is given if you
use the list-network-listeners subcommand.
asadmin> list-http-listeners
admin-listener
http-listener-2
http-listener-1
Command list-http-listeners executed successfully.See Also
You can also view the full syntax and options of the subcommand by
typing asadmin help list-http-listeners or
asadmin help list-network-listeners at the command line.
List HTTP listeners by using the
list-http-listeners or
list-network-listeners subcommand.
Modify the values for the specified listener by using the
set subcommand.
The listener is identified by its dotted name.
Example 13-12 Updating an HTTP Network Listener
This example changes security-enabled to false on http-listener-2.
asadmin> set server.network-config.protocols.protocol.http-listener-2.security-enabled=false
Command set executed successfully.Use the delete-http-listener subcommand or the
delete-network-listener subcommand in remote mode to delete an
existing HTTP listener. This disables secure communications for the
listener.
Ensure that the server is running.
Remote subcommands require a running server.
List HTTP listeners by using the
list-http-listeners subcommand.
Delete an HTTP listener by using the
delete-http-listener or
delete-network-listener subcommand.
To apply your changes, restart GlassFish Server.
See To Restart a Domain.
Example 13-13 Deleting an HTTP Listener
This example deletes the HTTP listener named sampleListener:
asadmin> delete-http-listener sampleListener
Command delete-http-listener executed successfully.See Also
You can also view the full syntax and options of the subcommand by
typing asadmin help delete-http-listener or
asadmin help delete-network-listener at the command line.
Use the create-ssl subcommand in remote mode to create and configure
an SSL element in the specified listener. This enables secure
communication for the listener.
Ensure that the server is running.
Remote subcommands require a running server.
Configure an HTTP listener by using the
create-ssl subcommand.
To apply your changes, restart GlassFish Server.
See To Restart a Domain.
Example 13-14 Configuring an HTTP Listener for SSL
This example enables the HTTP listener named http-listener-1 for SSL:
asadmin> create-ssl --type http-listener --certname sampleCert http-listener-1
Command create-ssl executed successfully.See Also
You can also view the full syntax and options of the subcommand by
typing asadmin help create-ssl at the command line.
In GlassFish Server, you can configure the SSL protocol of an HTTP
listener such that it requests a certificate before permitting a client
connection, but does not refuse a connection if the client does not
provide one. To enable this feature, set the client-auth property of
the SSL protocol to the value want. For example:
asadmin> set configs.config.config-name.network-config.protocols.\
protocol.listener-name.ssl.client-auth=wantIn GlassFish Server, you can configure the SSL protocol an HTTP listener
such that it uses a custom implementation of SSL. To enable this
feature, set the classname property of the SSL protocol to the name of
a class that implements the com.sun.grizzly.util.net.SSLImplementation
interface. For example:
asadmin> set configs.config.config-name.network-config.protocols.\
protocol.listener-name.ssl.classname=SSLImplementation-class-nameBy default, GlassFish Server uses the implementation
com.sun.enterprise.security.ssl.GlassfishSSLImpl for the SSL protocol.
Use the delete-ssl subcommand in remote mode to delete the SSL element
in the specified listener. This disables secure communications for the
listener.
Ensure that the server is running.
Remote subcommands require a running server.
Delete SSL from an HTTP listener by using the
delete-ssl subcommand.
To apply your changes, restart GlassFish Server.
See To Restart a Domain.
Example 13-15 Deleting SSL From an HTTP Listener
This example disables SSL for the HTTP listener named http-listener-1:
asadmin> delete-ssl --type http-listener http-listener-1
Command delete-http-listener executed successfully.See Also
You can also view the full syntax and options of the subcommand by
typing asadmin help delete-ssl at the command line.
In the Administration Console, open the HTTP Service component under the relevant configuration.
Open the HTTP Listeners component under the HTTP Service component.
Select or create a new HTTP listener.
Select from the Default Virtual Server drop-down list.
For more information, see To Assign a Default Web Module to
a Virtual Server.
See Also
For details, click the Help button in the Administration Console from the HTTP Listeners page.
A virtual server is a virtual web server that serves content targeted for a specific URL. Multiple virtual servers can serve content using the same or different host names, port numbers, or IP addresses. The HTTP service directs incoming web requests to different virtual servers based on the URL.
When you first install GlassFish Server, a default virtual server is created. You can assign a default virtual server to each new HTTP listener you create.
Web applications and Java EE applications containing web components (web modules) can be assigned to virtual servers during deployment. A web module can be assigned to more than one virtual server, and a virtual server can have more than one web module assigned to it. If you deploy a web application and don’t specify any assigned virtual servers, the web application is assigned to all currently defined virtual servers. If you then create additional virtual servers and want to assign existing web applications to them, you must redeploy the web applications. For more information about deployment, see the GlassFish Server Open Source Edition Application Deployment Guide.
You can define virtual server properties using the asadmin set
command. For example:
asadmin> set server-config.http-service.virtual-server.MyVS.property.sso-enabled="true"Some virtual server properties can be set for a specific web application. For details, see "glassfish-web-app" in GlassFish Server Open Source Edition Application Deployment Guide.
The following topics are addressed here:
By default, when GlassFish Server starts, the following virtual servers are started automatically:
A virtual server named server, which hosts all user-defined web
modules.
For development, testing, and deployment of web services in a
non-production environment, server is often the only virtual server
required.
A virtual server named __asadmin, which hosts all
administration-related web modules (specifically, the Administration
Console). This server is restricted, which means that you cannot deploy
web modules to this virtual server.
In a production environment, additional virtual servers provide hosting facilities for users and customers so that each appears to have its own web server, even though there is only one physical server.
Use the create-virtual-server subcommand in remote mode to create the
named virtual server.
Before You Begin
A virtual server must specify an existing HTTP listener. Because the virtual server cannot specify an HTTP listener that is already being used by another virtual server, create at least one HTTP listener before creating a new virtual server.
Ensure that the server is running.
Remote subcommands require a running server.
Create a virtual server by using the
create-virtual-server subcommand.
Information about properties for this subcommand is included in this
help page.
To apply your changes, restart GlassFish Server.
See To Restart a Domain.
Example 13-16 Creating a Virtual Server
This example creates a virtual server named sampleServer on
localhost.
asadmin> create-virtual-server sampleServer
Command create-virtual-server executed successfully.See Also
You can also view the full syntax and options of the subcommand by
typing asadmin help create-virutal-server at the command line.
Use the list-virtual-servers subcommand in remote mode to list the
existing virtual servers.
Ensure that the server is running.
Remote subcommands require a running server.
List virtual servers by using the
list-virtual-servers subcommand.
Example 13-17 Listing Virtual Servers
This example lists the virtual servers for localhost.
asadmin> list-virtual-servers
sampleListener
admin-listener
http-listener-2
http-listener-1
Command list-http-listeners executed successfully.See Also
You can also view the full syntax and options of the subcommand by
typing asadmin help list-virutal-servers at the command line.
List virtual servers by using the
list-virtual-servers subcommand.
Modify the values for the specified virtual server by using the
set subcommand.
The virtual server is identified by its dotted name.
Use the delete-virtual-server subcommand in remote mode to delete an
existing virtual server.
Ensure that the server is running.
Remote subcommands require a running server.
List virtual servers by using the
list-virtual-servers subcommand.
If necessary, notify users that the virtual server is being deleted.
Delete a virtual server by using the
delete-virtual-server subcommand.
To apply your changes, restart GlassFish Server.
See To Restart a Domain.
Example 13-18 Deleting a Virtual Server
This example deletes the virtual server named sampleServer from
localhost.
asadmin> delete-virtual-server sampleServer
Command delete-virtual-server executed successfully.See Also
You can also view the full syntax and options of the subcommand by
typing asadmin help delete-virutal-server at the command line.
A default web module can be assigned to the default virtual server and to each new virtual server. To access the default web module for a virtual server, point the browser to the URL for the virtual server, but do not supply a context root. For example:
http://myvserver:3184/A virtual server with no default web module assigned serves HTML or JavaServer Pages ( JSP) content from its document root, which is usually domain-dir`/docroot`. To access this HTML or JSP content, point your browser to the URL for the virtual server, do not supply a context root, but specify the target file.
For example:
http://myvserver:3184/hellothere.jspYou can assign a virtual server to a deployed application or web module.
Before You Begin
The application or module must already be deployed. For more information, see the GlassFish Server Open Source Edition Application Deployment Guide.
In the Administration Console, open the HTTP Service component under the relevant configuration.
Open the Virtual Servers component under the HTTP Service component.
Select the virtual server to which you want to assign a default web module.
Select the application or web module from the Default Web Module
drop-down list.
For more information, see To Assign a Default Web Module to
a Virtual Server.
JSESSIONIDSSO Cookie AttributesUse the sso-cookie-http-only and sso-cookie-secure virtual server
attributes to set the HttpOnly and Secure attributes of any
JSESSIONIDSSO cookies associated with web applications deployed to the
virtual server.
Use the set subcommand to set the value of the
sso-cookie-http-only and sso-cookie-secure virtual server
attributes.
The values supported for these attributes are as follows:
sso-cookie-http-onlyA boolean value that specifies whether the HttpOnly attribute is
included in JSESSIONIDSSO cookies. When set to true, which is the
default, the HttpOnly attribute is included. When set to false,
the HttpOnly attribute is not included.
sso-cookie-secureA string value that specifies whether the Secure attribute is
included in JSESSIONIDSSO cookies. Allowed values are as follows:
true — The Secure attribute is included.
false — The Secure attribute is not included.
dynamic — The Secure attribute setting is inherited from the
first session participating in SSO. This is the default value.
| Previous | Next | Contents |
Copyright © 2019, Oracle and/or its affiliates. All rights reserved.
DRAFT