jackrabbit-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "sbarriba" <sbarr...@yahoo.co.uk>
Subject Anonymous port used by JackRabbit RMI not-firewall friendly
Date Thu, 22 Nov 2007 12:24:35 GMT
Hi all,

We've noticed when trying to access JackRabbit over RMI that opening port
1098 is not sufficient.

As org.apache.jackrabbit.rmi.server.ServerObject uses the anonymous
constructor for UnicastRemoteObject
(http://java.sun.com/j2se/1.4.2/docs/api/java/rmi/server/UnicastRemoteObject
.html) the repository RMI object opens a 2nd port which changes continually
e.g. 54228 etc.

This means that JackRabbit RMI cannot be configured securely through a
firewall.

 

As a test we modified the constructor of ServerObject to use

 

protected ServerObject(RemoteAdapterFactory factory)

            throws RemoteException {

                              super(1198);

        this.factory = factory;

    }

 

This allowed us to open ports 1098 and 1198 only.

 

This would suggest that an additional configuration setting should be added
to a) avoid using anonymous ports and b) allow this port to be externally
configured.

 

Thoughts?

Regards,

Shaun


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message