JBoss AJP Connector

Hello All,

We are trying to setup an Apache reverse proxy server in front of Percussion CMS via Apache AJP connector (mod_jk) to communicate to CMS server. In order to achieve the goal, we had configured a "worker.properties: in Apache server:

---------------------worker.properties------------------
worker.list=ajp13
worker.ajp13.port=9998
worker.ajp13.host= ipaddress
worker.ajp13.type=ajp13
---------------------worker.properties------------------

where “9998” is the port number that CMS embedded JBoss server is using for AJP 1.3 connector (got the port value from server.xml). We have also confirmed the “9998” is open for firewall inbound traffic. But when we tested it, AJP connector failed to open socket to “ipaddress:9998” since the port “9998” is currently listening by ‘localhost’ only.

I get a feeling that Percussion CMS’s Jboss binds its services to the default ‘localhost’ interface (127.0.0.1) and its “jboss.bind.address” system property was not explicitly configured via “run -b ip-address” script (jboss start up script).

How can we resolve this issue? Can we include some parameters in the run script to explicitly state the jboss.bind.address to the ipaddress we want?

If there is a better approach, please advise.

Thanks
Ravi

You can enable the AJP connector by editing the server.xml in jbossweb-tomcat55.sar. There is nothing Percussion specific in this file.

We’re just shipping the default configuration from JBoss, it isn’t quite as open as you would like, but it not as “locked down” as some other customers would like.

Dave

Thanks Dave,

We were able to change the settings and connect. But one thing though, your firewall security level should not be too high for that port, else it will reject it outright.

Ravi

No question you have to be careful with firewall settings and the connector settings. This is an infrastructure issue that you can run into with almost any application server.

Dave