GlassFish - World's first Java EE 7 Application Server


Port Unification

There are 2 pieces to port unification: port redirection and multiple protocol support on one port.

Redirection

Redirection is useful in cases where, for example, you want to serve only HTTPS traffic regardless of the original request. If a browser makes an HTTP request, the server can respond with a 302 response code and redirect the browser to the HTTPS version. To configure that, take the following steps:

  1. asadmin create-protocol http-redirect
  2. asadmin create-protocol-filter --protocol http-redirect --classname com.sun.grizzly.config.HttpRedirectFilter redirect-filter
  3. asadmin create-protocol pu-protocol
  4. asadmin create-protocol-finder --protocol pu-protocol --target-protocol http-listener-2 --classname com.sun.grizzly.config.HttpProtocolFinder http-finder
  5. asadmin create-protocol-finder --protocol pu-protocol --target-protocol http-redirect --classname com.sun.grizzly.config.HttpProtocolFinder http-redirect
  6. asadmin set configs.config.server-config.network-config.network-listeners.network-listener.http-listener-1.protocol=pu-protocol

Once that is done you can check the server's response for an HTTP request and see the 302:

wget -S -O /tmp/index.html --no-check-certificate http://localhost:8080

--2010-07-21 14:41:48-- http://localhost:8080/
Resolving localhost (localhost)... ::1, fe80::1, 127.0.0.1
Connecting to localhost (localhost)|::1|:8080... connected.
HTTP request sent, awaiting response...
HTTP/1.1 302 Moved Temporarily
Location: https://localhost:8080/
Connection:close
Cache-control: private
Location: https://localhost:8080/ following
--2010-07-21 14:41:48-- https://localhost:8080/
Connecting to localhost (localhost)|::1|:8080... connected.
WARNING: cannot verify localhost's certificate, issued by "/C=US/ST=California/L=Santa Clara/O=Oracle Corporation/OU=GlassFish/CN=localhost":
Self-signed certificate encountered.
HTTP request sent, awaiting response...
HTTP/1.1 200 OK
X-Powered-By: Servlet/3.0 JSP/2.2 (GlassFish Server Open Source Edition 3.1-SNAPSHOT Java/Apple Inc./1.6)
Server: GlassFish Server Open Source Edition 3.1-SNAPSHOT
Accept-Ranges: bytes
ETag: W/"5212-1278454248000"
Last-Modified: Tue, 06 Jul 2010 22:10:48 GMT
Content-Type: text/html
Content-Length: 5212
Date: Wed, 21 Jul 2010 18:41:48 GMT
Connection: Keep-Alive
Length: 5212 (5.1K) [text/html]

As you can see the server responds with the 302, the client gets redirected to the HTTPS listener which returns the 200 for the HTTPS request.

Multiple Protocols

This is useful when an administrator really only wants to open one port on a firewall, e.g., but still needs to serve many different types of applications. For this, follow these steps:

  1. cp -v dummy-protocol.jar <GlassFish Home>/domains/domain1/autodeploy/bundles/dummy-protocol.jar
  2. asadmin create-protocol pu-protocol
  3. asadmin create-protocol pu-http-protocol
  4. asadmin create-http --default-virtual-server server pu-http-protocol
  5. asadmin create-protocol-finder --protocol pu-protocol --target-protocol pu-http-protocol --classname com.sun.grizzly.http.portunif.HttpProtocolFinder http-finder
  6. asadmin create-protocol pu-dummy-protocol
  7. asadmin create-protocol-finder --protocol pu-protocol --target-protocol pu-dummy-protocol --classname org.glassfish.devtests.web.portunif.DummyProtocolFinder dummy-finder
  8. asadmin create-protocol-filter --protocol pu-dummy-protocol --classname org.glassfish.devtests.web.portunif.DummyProtocolFilter dummy-filter
  9. asadmin set configs.config.server-config.network-config.network-listeners.network-listener.http-listener-2.protocol=pu-protocol
  10. asadmin set configs.config.server-config.network-config.network-listeners.network-listener.http-listener-2.enabled=true

In this example, we're using a simple dummy protocol. To see this configuration in action, point your browser to http://localhost:8181. There you'll see the familiar default GlassFish welcome screen. To see the dummy protocol in action, telnet to localhost port 8181. At the prompt, type dummy-protocol and hit enter. You'll see the text Dummy-Protocol-Response come back. And there you have two different protocols served on the same port.

The [^dummy-protocol.jar] as well bash script versions ([^MS3PortUnifDemo.sh], [^MS3PortRedirectDemo.sh]) of this page are attached. Note for the bash scripts to work, you'll need the nc utility. All the asadmin commands will work but the validation portions of the scripts use nc to talk to the server.

Comments:

Hello

When I execute the command
asadmin create-protocol-filter --protocol http-redirect --classname com.sun.grizzly.config.HttpRedirectFilter redirect-filter

then I receive a: CLI001 Invalid Command: create-protocol-finder

Im Using GlassFish Server Open Source Edition 3.0.1 (build 22) on Ubuntu.

How can I solve the problem?
Thanks in advance
Posted by tax789 at May 18, 2011 14:21