Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How to disable and enable admin console (admin-listener, port 4848) from the command line

I would like to control when and where the admin service is accessible

How do I do one of the following (if possible)

  1. Enable the admin console only from localhost (I know about disable-secure-admin, but still I don't want anyone to see the console login page when they add 4848 in the end) I will use SSH tunnle to connect

  2. Or, be able to use a certificate, so only certified clients will be able to even see the console

  3. Or, be able on demand to start / stop the admin service when needed, not opening it to the outside world (e.g. start stop __asadmin virtual server)

Is any of the above possible?

like image 788
Eran Medan Avatar asked Aug 11 '12 00:08

Eran Medan


People also ask

How do I disable admin console?

If you cannot log into the administrative console and you must disable administrative security, locate your profile_root /bin directory and first run the wsadmin -conntype NONE command. At the wsadmin prompt, type securityoff and then type exit to return to a command prompt.

How to create domain in GlassFish?

To Create a Domain. After installing GlassFish Server and creating the default domain ( domain1 ), you can create additional domains by using the local create-domain subcommand. This subcommand creates the configuration of a domain.

What is GlassFish domain?

A domain is an administrative boundary that contains a group of GlassFish Server instances that are administered together. Each instance can belong to only one domain. A domain provides a preconfigured runtime for user applications.


2 Answers

Ok, I found it by guess-work

Solution to scenario #1

  • Make sure you have SSH tunnel on port 4848 first
  • Go to Configuration -> server-config -> Network Config -> Network Listeners -> admin-listener
  • Under the General tab, in the Address: field replace 0.0.0.0 to 127.0.0.1
  • Restart the server

Solution to scenario #3

I didn't find any command line way to enable / disable virtual servers, network listeners or protocols, but editing domain.xml shows that it's all there, just comment out and restart.

like image 144
Eran Medan Avatar answered Sep 20 '22 20:09

Eran Medan


  1. Use asadmin to update the The HTTP Network Listener named admin-listener.

  2. asadmin enable-secure-admin-principal "Instructs GlassFish Server, when secure admin is enabled, to accept admin requests from clients identified by the specified SSL certificate".

  3. asadmin enable-secure-admin "enables secure admin (if it is not already enabled), optionally changing the alias used for DAS-to-instance admin messages or the alias used for instance-to-DAS admin messages". Also a good blog on the subject. This doesn't turn admin on/off, but enables/disables for remote access to the admin console without the complications of (1).

like image 30
Richard Sitze Avatar answered Sep 17 '22 20:09

Richard Sitze