jetty server refusing connections from 127.0.0.1 - jetty

Not sure what's going on here exactly, but my local jetty server that I'm running via the maven plugin, as in:
<plugin>
<groupId>org.mortbay.jetty</groupId>
<artifactId>jetty-maven-plugin</artifactId>
<version>${org.mortbay.jetty.version}</version>
<configuration>
<systemProperties>
<systemProperty>
<name>webapp.env.name</name>
<value>local</value>
</systemProperty>
</systemProperties>
<stopPort>8080</stopPort>
<stopKey>foo</stopKey>
</configuration>
</plugin>
... is refusing all connections from 127.0.0.1...
For instance, if I run curl 'http://localhost:8080' I get a valid html response pointing at the contents of my webapp directory. But curl 'http://127.0.0.1:8080' returns curl: (52) Empty reply from server. Does anyone out there know how I might configure jetty properly to accept such connections? This is complicating our dev team's local configurations quite a bit.
Thanks!

Related

Bad Request - Invalid Hostname in IIS8

I am working on an asp.net core application, but my project stops running from debug mode(using f5). I need to host it on local IIS to debug the code. When running it locally I am getting this error "Bad Request - Invalid Hostname".
You can try below steps to solve this problem:
Exit the IIS Express instant currently running.
Open IIS Express’s applicationhost.config located at the following path C:\Users\\Documents\IISExpress\config\applicationhost.config
Find the entry for a particular site (e.g “Test” running in port 6306) which you are developing.e.g:
<site name="test" id="1">
<application path="/" applicationPool="gratedAppPool">
<virtualDirectory path="/" physicalPath="" />
</application>
<bindings>
<binding protocol="http" bindingInformation="*:6306:localhost" />
</bindings>
</site>
Replace the following bindingInformation=":6306:localhost" with bindingInformation=":6306:*"
Save the file.
Start a command prompt in administrator mode and run the following command.
netsh http add urlacl url=http://*:6306/ user=Everyone
Now debug the site again and you should be able to access the url using host name.

Artifactory OSS 6.5.2 - can't connect to the UI from servers on the network

I have recently installed Artifactory OSS 6.5.2 on a remote server in our network which runs on windows server 2012.
I can enter the UI locally (the machine running the Artifactory instance) through any of the browsers with this address:
"http://{local-ip}:8081/artifactory/webapp/#/"
When I try entering the UI from one of the machines on the network I get a "This site can’t be reached" message after multiple attempts to connect.
The request.log at {ARTIFACTORY_HOME}\logs\request.log shows that the request got through and succeeded:
"REQUEST|{remote-ip}|anonymous|GET|/webapp/|HTTP/1.1|200|0"
The same is showed for requests coming from the server running the Artifactory instance:
"REQUEST|{local-ip}|anonymous|GET|/webapp/|HTTP/1.1|200|0"
However, in contrary to the previous request from a remote machine, the initial request is followed by more requests:
"REQUEST|{local-ip}|anonymous|GET|/ui/auth/screen/footer|HTTP/1.1|200|0
REQUEST|{local-ip}|anonymous|GET|/ui/treebrowser/repoOrder|HTTP/1.1|200|0
REQUEST|{local-ip}|anonymous|GET|/ui/onboarding/initStatus|HTTP/1.1|200|0
REQUEST|{local-ip}|anonymous|GET|/ui/auth/current|HTTP/1.1|200|0"
I thought maybe there is an automatic redirection that uses 'localhost' instead of the ip or hostname so I tried changing the {ARTIFACTORY_HOME}\tomcat\conf\server.xml:
<Service name="Catalina">
<Connector port="8081" sendReasonPhrase="true" relaxedPathChars='[]' relaxedQueryChars='[]'/>
<!-- Must be at least the value of artifactory.access.client.max.connections -->
<Connector port="8040" sendReasonPhrase="true" maxThreads="50"/>
<!-- This is the optional AJP connector -->
<Connector port="8019" protocol="AJP/1.3" sendReasonPhrase="true"/>
<Engine name="Catalina" defaultHost="localhost">
<Host **name="localhost" -> name="{hostname}** appBase="webapps" startStopThreads="2"/>
</Engine>
</Service>
But then the Artifactory failed to initialize:
"[art-init] [INFO ] (o.a.s.a.ArtifactoryAccessClientConfigStore:643) -
Using Access Server URL: http://localhost:8040/access (bundled)
source: detected
[art-init] [INFO ] (o.a.s.a.AccessServiceImpl:308) - Waiting for
access server...
[art-init] [WARN ] (o.j.a.c.AccessClientHttpException:41) -
Unrecognized ErrorsModel by Access. Original message: Failed on
executing /api/v1/system/ping, with response: Not Found"
I did not set any proxies or reverse proxies as I don't think it's related, but I may be mistaken as I don't have a lot of experience with web services.
Any ideas or suggestions?
Thnx,
Tom.
I was deploying artifactory 6 via helm, then upgraded to 6.8.2 and ran into this.
had to
cd $ARTIFACTORY_HOME && chown -R artifactory:artifactory .
artifactory itself, on startup, seemed not to be able to deploy the access.war and then maybe also was not able to read the credentials it needed to hit this /access context health check "ping" api endpoint.

maven wsimport throwing security exception with PKIX path building failed:

I have an ejb which is annotated with #Webserivce. Everything in glassfish4.
The wsdl is generated correctly, soapUi can also send requests.
But when I try to generate client artifacts using jax ws maven plugin which is configured as following.
<plugin>
<groupId>org.jvnet.jax-ws-commons</groupId>
<artifactId>jaxws-maven-plugin</artifactId>
<version>2.3</version>
<executions>
<execution>
<phase>generate-sources</phase>
<goals>
<goal>wsimport</goal>
</goals>
<configuration>
<wsdlDirectory>${basedir}/src/main/resources/wsdl</wsdlDirectory>
<wsdlFiles>
<wsdlFile>transactionService.wsdl</wsdlFile>
</wsdlFiles>
<packageName>com.me.backend.connector.ws</packageName>
<sourceDestDir>${basedir}/target/generated-sources/main/java</sourceDestDir>
</configuration>
</execution>
</executions>
</plugin>
I get sun.security.validator.ValidatorException: PKIX path building failed:
So I need to know
How can I tell jax ws plugin to use the certificates ?
How can I get the certificates, currently the webservice and the client are both on localhost for development purpose
How can I tell glassfish4 not to use https and use http when exposing the webservice ?
Just noticed. Glassfish generates both http and https wsdl locations. So the http one works

Scalatra app on Openshift - setting Jetty IP

I'm trying to deploy a minimal Scalatra application on Openshift with DIY cartridge. I've managed to get SBT working, but when it comes to container:start, I get the error:
FAILED SelectChannelConnector#0.0.0.0:8080: java.net.SocketException: Permission denied
Apparently, embedded Jetty tries to open socket at 0.0.0.0, which is prohibited by Openshift (you can only open ports at $OPENSHIFT_INTERNAL_IP). How can I tell Jetty exactly which IP I need it to listen?
Yes you are right about $OPENSHIFT_INTERNAL_IP. So edit ${jetty.home}/etc/jetty.xml and set jetty.host in the connector section as follows:
…..
<Set name="connectors">
<Array type="org.mortbay.jetty.Connector">
<Item>
<New class="org.mortbay.jetty.nio.SelectChannelConnector">
<Set name="host"><SystemProperty name="jetty.host" />$OPENSHIFT_INTERNAL_IP</Set>
<Set name="port"><SystemProperty name="jetty.port" default="8080"/></Set>
...
</New>
</Item>
</Array>
</Set>
hth
I've never used Openshift, so I'm groping a bit here.
Do you have a jetty.host set?
You may need to set up a jetty.xml file and set it in there. See http://docs.codehaus.org/display/JETTY/Newbie+Guide+to+Jetty for how to set the host. You can tell the xsbt web plugin about jetty.xml by setting your project up like this:
https://github.com/JamesEarlDouglas/xsbt-web-plugin/wiki/Settings
Alternately, you may be able to pass the parameter to Jetty during startup. That'd look like this: -Djetty.host="yourhostname"
To get running with jetty 9.2.13.v20150730 on the Openshift with DIY cartridge you have to run with Java8 setting it to run on the $OPENSHIFT_INTERNAL_IP as follows. First ssh onto the host and download a jdk8 with
cd $OPENSHIFT_DATA_DIR
wget --no-check-certificate --no-cookies --header "Cookie: oraclelicense=accept-securebackup-cookie" http://download.oracle.com/otn-pub/java/jdk/8u5-b13/jdk-8u5-linux-x64.tar.gz
tar -zxf jdk-8u5-linux-x64.tar.gz
export PATH=$OPENSHIFT_DATA_DIR/jdk1.8.0_05/bin:$PATH
export JAVA_HOME="$OPENSHIFT_DATA_DIR/jdk/jdk1.8.0_05"
java -version
Then in your .openshift\action_hooks\start ensure you have the same exported variables with something like:
# see http://stackoverflow.com/a/23895161/329496 to install jdk1.8 no DIY cartridge
export JAVA_HOME="$OPENSHIFT_DATA_DIR/jdk/jdk1.8.0_05"
export PATH=$OPENSHIFT_DATA_DIR/jdk1.8.0_05/bin:$PATH
nohup java -cp ${OPENSHIFT_REPO_DIR}target/dependency/jetty-runner.jar org.eclipse.jetty.runner.Runner --host ${OPENSHIFT_DIY_IP} --port ${OPENSHIFT_DIY_PORT} ${OPENSHIFT_REPO_DIR}/target/thinbus-srp-spring-demo.war > ${OPENSHIFT_LOG_DIR}server.log 2>&1 &
(Note that jdk-8u20-linux-x64.tar.gz has also been reported to work so you may want to check for the latest available.)
That setup does not need a jetty.xml as it sets the --host and --port to bind to the correct interface and run the built war file. What it does require is that jetty-runner.jar is copied out of the ivy cache into the target folder. With maven to do that you add something like:
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-dependency-plugin</artifactId>
<version>2.3</version>
<executions>
<execution>
<phase>package</phase>
<goals>
<goal>copy</goal>
</goals>
<configuration>
<artifactItems>
<artifactItem>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-runner</artifactId>
<version>${jetty.version}</version>
<destFileName>jetty-runner.jar</destFileName>
</artifactItem>
</artifactItems>
</configuration>
</execution>
</executions>
</plugin>
Google suggest that the SBT equivalent is simply retrieveManaged := true. You can ssh to the host and run find to figure out where the jetty-runner.jar dependency has been copied to and update the start command appropriately.

CertificateException: No name matching hostname found Maven

I have an HTTPS WSDL URL (https://hostname/MyApp/MyApp.svc?wsdl) that needs to be consumed in a Maven project. The certificate on WSDL is expired and is issued to hostname.company.com.
I have following code in Maven pom.xml
<dependencies>
<dependency>
<groupId>com.sun.xml.ws</groupId>
<artifactId>jaxws-rt</artifactId>
<scope>compile</scope>
<version>2.1.3</version>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>jaxws-maven-plugin</artifactId>
<version>1.10</version>
<executions>
<execution>
<goals>
<goal>wsimport</goal>
</goals>
<configuration>
<sourceDestDir>${project.build.directory}/generated-sources/jaxws-wsimport</sourceDestDir>
<wsdlUrls>
<wsdlUrl>https://hostname/MyApp/MyApp.svc?wsdl</wsdlUrl>
</wsdlUrls>
</configuration>
</execution>
</executions>
</plugin>
</plugins>
</build>
When I do a clean and build, I get following error
[jaxws:wsimport]
Processing: https://hostname/MyApp/MyApp.svc?wsdl
jaxws:wsimport args: [-s, C:\WorkspaceNetBeans\Maven\WSTest\target\generated-sources\jaxws-wsimport, -d, C:\WorkspaceNetBeans\Maven\WSTest\target\classes, https://hostname/MyApp/MyApp.svc?wsdl]
parsing WSDL...
java.security.cert.CertificateException: No name matching hostname found
Failed to read the WSDL document: https://hostname/MyApp/MyApp.svc?wsdl, because 1) could not find the document; /2) the document could not be read; 3) the root element of the document is not <wsdl:definitions>.
failed.noservice=Could not find wsdl:service in the provided WSDL(s):
At least one WSDL with at least one service definition needs to be provided.
Failed to parse the WSDL.
I added the certificate to keystore using keytool utility. What else do I need to do?
You can download your wsdl locally from web browser and then run wsimport on that local file to generate your Java model.
You have the possible options:
1) Import the certificate of the server in to the Trust Store, also ensure that the CN name presented in the Server Certificate is same as the Hostname you are using. This link can be helpful:http://bluefoot.info/howtos/how-to-avoid-java-security-cert-certificateexception-no-name-matching-localhost-found/
2) Use a tool like Netbeans or eclipse which can ignore (I doubt it though) SSL aspects of the server.
3) Create a local version of the WSDL resolving all the dependent XSD references and use that WSDL.