We have Tomcat application server set up at port 8080 and Apache Http Server at port 80.
httpd redirects all traffic on port 80 to port 8080.
I am looking at the tomcat server console for our site and I see several requests on port 8009. These requests stay alive for as long as 100 to 150 seconds.
We aren't making any requests to that port. Where then are these requests coming from? Why don't they finish?
8009 is the port commonly used by AJP.
The Apache JServ Protocol (AJP) is a binary protocol that can proxy
inbound requests from a web server through to an application server
that sits behind the web server.
Here's more info on AJP and its usage/configuration within Tomcat.
The AJP Connector element represents a Connector component that
communicates with a web connector via the AJP protocol. This is used
for cases where you wish to invisibly integrate Tomcat 5 into an
existing (or new) Apache installation, and you want Apache to handle
the static content contained in the web application, and/or utilize
Apache's SSL processing.
Related
I have a netty-socket server running on ports 8191 and 8190. nginx is configured to listen on port 443 from the netty-socket client[both the ports configured on 443] and proxy requests to the netty-socketio server.Netty version being used is 4.1.49.Final
Since we can't run two same ports on a machine, we have configured Nginx to listen to 443 port and redirect them to 8191 and 8190 based on the calls we are making.
If I connect directly to the socket server everything works as expected, however, when connecting via Nginx connections drop and never come up. But both client and server are running.
Attaching the configurations of the netty server, client and Nginx.
Nettyclient
NettyServer
Nginx conf
I'm trying to use eclipse TCP/IP Monitor to capture http calls from my localhost web server (hybris- tomcat) to remote web service (REST calls) . So when I browse my local site (on same machine where the tomcat) I will be able to see (on the IDE) all the REST call going out from the application to the remote web services .
when using IDE TCP/IP Monitor - what ports and host do I have to set? I know the remote webservice I'm calling is listen on port 443 , and I see that the tomcat connector use port 8009 but how can I enforce the call to go through the monitor?
Use Fiddler for monitoring http requests.
Situation:
My client has a Java web application deployed on a JBoss server, it is accessed both via HTTPS and HTTP
The JBoss server is sitting behind a load-balancer that handles the SSL, in other words this load-balancer terminates SSL and sends requests to JBoss as plain HTTP
Problem I need to solve:
The web application deployed on JBoss needs to know what port the load-balancer is using for HTTPS, so that it can direct users to certain HTTPS urls correctly. This cannot be hard-coded because the application will be deployed on multiple clients, each of them have different configurations for the load-balancer.
My approach (which didn't work):
I am defining the port from a jspx page, via ${pageContext.request.serverPort}, but this always returns the port for HTTP because JBoss always gets the request via HTTP.
Thanks in advance. I've looked at this question but was not helpful.
There isn't really a way to determine the port if tomcat is sitting behind a load balancer. As suggested in the comments, exposing the port configuration to your clients would be the best for now.
I have a java application running on a server IP 1.1.1.1 port 111
I have an Apache server running on IP 1.1.1.2 port 80
Apache should be configured as a proxy.
Clients will configure their computers to point to my Apache proxy at 1.1.1.2 port 80
The question is could i configure the Apache server to redirect the requests coming from the client to the java app for processing and if the java app sees that it should deny the request then it will inform Apache and Apache by its turn should informs the client.
Am i dreaming or this could be implemented?
Any suggestions would be very helpful
Yes, this is possible. Have a look at the mod_proxy plugin for Apache. There are a few security and implementation considerations to cover, such as:
Is the site to be accessed via a new virtual host defined in Apache, or an existing one?
HTTP vs HTTPs access? (From your post, it seems like the decision is to use HTTP port 80)
What URL(s) to match on for the proxy rule to trigger?
Is the access allowed from all IP ranges or only a particular subnet?
Is there a benefit in offloading some of the static resources to the Apache server to ease the load on the backend application server, or using a mod_deflate to gzip the resources before forwarding them to the clients?
mod_proxy documentation
I'm trying to setup a Solaris KSSL proxy (http://www.c0t0d0s0.org/archives/5575-Less-known-Solaris-Features-kssl.html) as a frontend to a Jetty web server.
I'm able to make KSSL work with Apache web server so that KSSL redirects all incoming SSL traffic from port 443 into an Apache web server listening on port 28080.
However the same configuration does not work when Jetty is listening on port 28080. I verified that the KSSL requests does not even reach Jetty or at least I cannot see them in the access log. Furthermore even if I set a simple Java class which just listens on a server socket, KSSL cannot redirect requests to it.
My question is what are the pre-requisites from a web server in order to be able to get requests from KSSL ?
Best regards,
Lior
There are 2 very common gotchas when working with kssl.
The first is that the apache listening IP has to be the same
as your ksslcfg command. So if you have Listen 123.123.123.123:28080 in
the httpd.conf file, then you must use a ksslcfg command with the same IP.
You cannot have it listening on ANY (*) and then list an IP in ksslcfg,
or listen on an IP and leave out the IP on ksslcfg. Whatever netstat shows
is listening on port 28080 must match the IP used in ksslcfg
(or don't use the IP it is listening on *)
The second is that you must do the operations in this order:
ksslcfg
restart apache
It doesn't not work if ksslcfg is run without restarting apache afterward.
I've seen many people on the web testing with something like
localhost in their ksslcfg command. It won't work unless you also
had localhost as the Listen IP in the apache configuration.