| Author |
Message
|
| ayhz2008 |
 Posted: Thu Sep 24, 2009 11:15 am Post subject: Using port 443 for message broker Httplistener |
 |
|
Newbie
Joined: 24 Sep 2009
Posts: 2
|
Hi,
We have a requirement to use port 443 for the message broker httplistener (for web services). The broker in on linux. Since port 443 is within the range of the privileged ports (owned by root), we have two options:
1) Start the broker under "root" service id
or
2) Map port 443 to port 7080 and assign port 7080 to the httplistener.
Option 1 is not allowed in our environment and we wish to avoid the port mapping if possible.
We have already granted "sudo" permission to the current broker service id just to be able to get some root privileges so that we can use port 443 but it did not work at all. I have also taken an httplistener trace and the trace showed that port 443 is in use (actually it is not in use) and the httplistener can't bind to it. It looks like the broker thinks that the port is in use because it cannot access it.
Has anybody done any such requirement with the message broker before? and how it was done?
Thanks for any info in advance
ayhz2008 |
|
| Back to top |
|
 |
| Vitor |
| Posted: Thu Sep 24, 2009 12:35 pm Post subject: Re: Using port 443 for message broker Httplistener |
|
|
Grand High Poobah
Joined: 11 Nov 2005
Posts: 26093
Location: Texas, USA
|
| ayhz2008 wrote: |
| Option 1 is not allowed in our environment |
I'm interested - what is driving the requirement to use this port, given the restrictions? Are you simply trying to establish a secure connection (https)?
_________________
Honesty is the best policy.
Insanity is the best defence. |
|
| Back to top |
|
|
| mqjeff |
| Posted: Thu Sep 24, 2009 12:42 pm Post subject: |
|
|
Grand Master
Joined: 25 Jun 2008
Posts: 17447
|
Broker won't magically decide the port is in use if it really isn't in use.
Double-check what netstat shows, when Broker is not running, and when Broker is running.
Also, use the HTTPProxyServlet that is included in Broker 6.1.0.3 or later, instead of directly exposing your Broker on port 443. |
|
| Back to top |
|
|
| ayhz2008 |
| Posted: Thu Sep 24, 2009 1:03 pm Post subject: |
|
|
Newbie
Joined: 24 Sep 2009
Posts: 2
|
| Yes, we want to use the HTTPSConnector for the web service. I checked the 443 port using netstat and lsof and it is NOT in use. I even changed the port to 445 and the httplistener was not able to bind to it. The trace still shows that the port is in use (where in fact it is NOT) |
|
| Back to top |
|
|
| Vitor |
| Posted: Thu Sep 24, 2009 1:12 pm Post subject: |
|
|
Grand High Poobah
Joined: 11 Nov 2005
Posts: 26093
Location: Texas, USA
|
| ayhz2008 wrote: |
| Yes, we want to use the HTTPSConnector for the web service. |
There's more to https than pointing at a different port. Have you followed the steps in the WMB documentation?
You should also consider the suggestion of my worthy associate.
_________________
Honesty is the best policy.
Insanity is the best defence. |
|
| Back to top |
|
|
|
|
