cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Henning, Mark - AES" <Mark.Henn...@itt.com>
Subject RE: Constraining Stand-alone Embedded Jetty service address in code
Date Tue, 10 Feb 2009 19:14:42 GMT
My thanks to Daniel,

His suggestion of: 

	JettyHTTPServerEngineFactory sef = new JettyHTTPServerEngineFactory();
        JettyHTTPServerEngine eng = sef.createJettyHTTPServerEngine(8080, "http");
        SelectChannelConnector con = new SelectChannelConnector();
        con.setHost("localhost");
        con.setPort(8080);
        eng.setConnector(con);
	JaxWsServerFactoryBean svrFactory = new JaxWsServerFactoryBean();
        svrFactory.setServiceClass(ISvcCtl.class);
        svrFactory.setAddress("http://127.0.0.1:8080/shutdown");
        svrFactory.setServiceBean(ctl);
        svrFactory.getInInterceptors().add(new LoggingInInterceptor());
        svrFactory.getOutInterceptors().add(new LoggingOutInterceptor());
        svrFactory.create();

solved the problem.  Our service is now secured from external access and fully compliant with
our customer's requirements.

Mark Henning
Principal Software Engineer
ITT Corp, Advanced Engineering & Sciences
mark.henning@itt.com
763-463-0057
 

-----Original Message-----
From: Daniel Kulp [mailto:dkulp@apache.org] 
Sent: 10-Feb-2009 11:53 AM
To: users@cxf.apache.org
Cc: Henning, Mark - AES
Subject: Re: Constraining Stand-alone Embedded Jetty service address in code



I think you can do this by setting the Jetty connector yourself:


JettyHTTPServerEngineFactory sef = bus.get(JettyHTTPServerEngineFactory.class)
JettyHTTPServerEngine eng = sef.createJettyHTTPServerEngine(8080, "http");

SelectChannelConnector result = 
                new SelectChannelConnector();
                
result.setHost("localhost");
result.setPort(porto);
eng.setConnector(result);


That would all need to be called before anything "starts up"  on the port.

Dan







On Tue February 3 2009 11:40:21 am Henning, Mark - AES wrote:
> Good Day,
>
> We are developing an application that needs to be able to lock down the
> embedded jetty server to listen _ONLY_ to packets on 127.0.0.1. I have
> looked through the documentation and have not found what I'm looking for. 
> The server is started with the code below:
>
>         svrFactory = new JaxWsServerFactoryBean();
>         svrFactory.setServiceClass(ISvcCtl.class);
>         svrFactory.setAddress("http://127.0.0.1:8080/shutdown");
>         svrFactory.setServiceBean(ctl);
>         svrFactory.getInInterceptors().add(new LoggingInInterceptor());
>         svrFactory.getOutInterceptors().add(new LoggingOutInterceptor());
>         svrFactory.create();
> ....
> INFO: Started SelectChannelConnector@0.0.0.0:8080
>
> However, it ignores the address I give and instead listens to 0.0.0.0:8080.
>  I'm sure that this is the preferred general behavior, but due to a
> specific client requirement, I need to be able to lock it down.  I would
> like to understand how to accomplish this in two ways:
>
> 1)       Purely in-code... no XML configuration (fully compliant with our
> customer requirement), 2)       In a cxf.xml file on the classpath.  (may
> not be fully compliant, as the local user could potentially start the app
> using his/er own cxf.xml, bypassing the customer intent, but still much
> more flexible)
>
> Any help or pointers to the correct document would be appreciated.
>
>
> Mark Henning
>
> Principal Software Engineer
>
> ITT Corp, Advanced Engineering & Sciences
>
> mark.henning@itt.com
>
> 763-463-0057
>
>
> ________________________________
> This e-mail and any files transmitted with it may be proprietary and are
> intended solely for the use of the individual or entity to whom they are
> addressed. If you have received this e-mail in error please notify the
> sender. Please note that any views or opinions presented in this e-mail are
> solely those of the author and do not necessarily represent those of ITT
> Corporation. The recipient should check this e-mail and any attachments for
> the presence of viruses. ITT accepts no liability for any damage caused by
> any virus transmitted by this e-mail.

-- 
Daniel Kulp
dkulp@apache.org
http://www.dankulp.com/blog

Mime
View raw message