Closed glassfishrobot closed 13 years ago
glassfishrobot
commented
6 years ago glassfishrobot
commented
13 years ago @glassfishrobot Commented anilam said: Did you restart the domain ?
For 3.1, to enable security, you need to run the enable-secure-admin command. Restart the server, then your request will be redirected to https.
%asadmin enable-secure-admin %asadmin stop domain %asadmin start-domain
glassfishrobot
commented
13 years ago @glassfishrobot Commented lft said:
Did you restart the domain ? Yes I restarted domain.
For 3.1, to enable security, you need to run the enable-secure-admin command. Restart the server, then your request will be redirected to https.
And I can't enable it just using web-console or just editing domain.xml any more?
glassfishrobot
commented
13 years ago @glassfishrobot Commented anilam said: The 'enable-secure-admin' does a lot more than just enable security in the admin-listener. Several 'network listener' will be created and setup using Port Unification. So, you really cannot just edit domain.xml. Hand edit domain.xml is never recommended anyway.
Admin Console will support this operation once we fix #16126.
glassfishrobot
commented
13 years ago @glassfishrobot Commented @tjquinno said: Please take a look at the documentation
http://download.oracle.com/docs/cd/E18930_01/html/821-2435/gknqh.html
and/or this blog
http://blogs.sun.com/quinn/entry/securing_adminstration_in_glassfish_server2
for more information on secure administration.
Both places describe the new enable-secure-admin command.
glassfishrobot
commented
13 years ago @glassfishrobot Commented lft said: Thanks.
glassfishrobot
commented
13 years ago @glassfishrobot Commented anilam said: fyi, I have filed http://java.net/jira/browse/GLASSFISH-16142 and hope that we can prevent user from just changing the security-enabled attribute in admin-listener.
glassfishrobot
commented
13 years ago @glassfishrobot Commented Was assigned to anilam
glassfishrobot
commented
7 years ago @glassfishrobot Commented This issue was imported from java.net JIRA GLASSFISH-16124
glassfishrobot
commented
13 years ago @glassfishrobot Commented Reported by lft
glassfishrobot
commented
13 years ago @glassfishrobot Commented Marked as won't fix on Wednesday, March 2nd 2011, 2:49:15 am
The admin console doesn't work after enabling securiy check box for admin-listener
[#|2011-03-02T21:21:59.358+0300|INFO|glassfish3.1|javax.enterprise.system.tools.admin.com.sun.enterprise.container.common|_ThreadID=49;_ThreadName=Thread-1;|Use r [] from host localhost.localdomain does not have administration access|#]
[#|2011-03-02T21:22:15.709+0300|SEVERE|glassfish3.1|org.apache.catalina.connector.CoyoteAdapter|_ThreadID=23;_ThreadName=Thread-1;|PWC3989: An exception or erro r occurred in the container during the request processing com.sun.jersey.api.client.ClientHandlerException: java.net.SocketException: Unexpected end of file from server at com.sun.jersey.client.urlconnection.URLConnectionClientHandler.handle(URLConnectionClientHandler.java:131) at com.sun.jersey.api.client.Client.handle(Client.java:629) at com.sun.jersey.api.client.filter.HTTPBasicAuthFilter.handle(HTTPBasicAuthFilter.java:81)
at com.sun.jersey.api.client.WebResource.handle(WebResource.java:601) at com.sun.jersey.api.client.WebResource.access$200(WebResource.java:74) at com.sun.jersey.api.client.WebResource$Builder.post(WebResource.java:499) at org.glassfish.admingui.common.security.AdminConsoleAuthModule.validateRequest(AdminConsoleAuthModule.java:225) at com.sun.enterprise.security.jmac.config.GFServerConfigProvider$GFServerAuthContext.validateRequest(GFServerConfigProvider.java:1171) at com.sun.web.security.RealmAdapter.validate(RealmAdapter.java:1311) at com.sun.web.security.RealmAdapter.invokeAuthenticateDelegate(RealmAdapter.java:1189) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:551) at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:623) at org.apache.catalina.core.StandardPipeline.doChainInvoke(StandardPipeline.java:600) at com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:96) at com.sun.enterprise.web.PESessionLockingStandardPipeline.invoke(PESessionLockingStandardPipeline.java:91) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:162) at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:326) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:227) at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:228) at com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:822) at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:719) at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:1013) at com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:225) at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:137) at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:104) at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:90) at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:79) at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:54) at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:59) at com.sun.grizzly.ContextTask.run(ContextTask.java:71) at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:532) at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:513) at java.lang.Thread.run(Thread.java:662) Caused by: java.net.SocketException: Unexpected end of file from server at sun.net.www.http.HttpClient.parseHTTPHeader(HttpClient.java:769) at sun.net.www.http.HttpClient.parseHTTP(HttpClient.java:632) at sun.net.www.http.HttpClient.parseHTTPHeader(HttpClient.java:766) at sun.net.www.http.HttpClient.parseHTTP(HttpClient.java:632) at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1200) at java.net.HttpURLConnection.getResponseCode(HttpURLConnection.java:379) at com.sun.jersey.client.urlconnection.URLConnectionClientHandler._invoke(URLConnectionClientHandler.java:217) at com.sun.jersey.client.urlconnection.URLConnectionClientHandler.handle(URLConnectionClientHandler.java:129) ... 32 more
| #] |
Environment
Linux 2.6.18-194.17.4.el5 #1 SMP Mon Oct 25 15:50:53 EDT 2010 x86_64 x86_64 x86_64 GNU/Linux
java version "1.6.0_23" Java(TM) SE Runtime Environment (build 1.6.0_23-b05) Java HotSpot(TM) 64-Bit Server VM (build 19.0-b09, mixed mode)
Affected Versions
[3.1]