Add documentation about mod_jk connectors. The planned outline looks like this: 1. Configuring the Web Subsystem 1.1. Basic Configuration 1.2. Configuring Connectors 1.2.1. Configuring HTTP Connectors 1.2.2. Configuring HTTPS Connectors 1.2.3. Configuring AJP Connectors 1.2.4. Configuring Native Connectors 1.3. Configuring Virtual Servers 1.4. Querying Connectors
A first draft is developed and feedback attained from SME.
http://documentation-stage.bne.redhat.com/docs/en-US/JBoss_Enterprise_Web_Server/2/html-single/HTTP_Connectors_Load_Balancing_Guide/index.html#id3258018
looks different in the doc right now
*** Bug 865720 has been marked as a duplicate of this bug. ***
http://documentation-devel.engineering.redhat.com/docs/en-US/JBoss_Enterprise_Web_Server/2/html/HTTP_Connectors_Load_Balancing_Guide/clustering-http-jboss.html {original} [standalone@localhost:9999 /] /subsystem=web/connector=test-connector:add( socket-binding=custom, scheme=http, protocol="HTTP/1.1", enabled=true )) {original} {should-be} [standalone@localhost:9999 /] /subsystem=web/connector=test-connector:add(socket-binding=custom,scheme=http,protocol="HTTP/1.1",enabled=true) {should-be} ---------------------------------------------------------------------------- Configure the HTTP Connector {original} [standalone@localhost:9999 /] /subsystem=web/connector=test-connector:add( socket-binding=custom, scheme=http, protocol="HTTP/1.1", enabled=true ) {original} this is command for creating new connector - it is wrong. ----------------------------------------------------------------------------- Use the Socket Binding to Create a New HTTPS Connector {original} [standalone@localhost:9999 /] /subsystem=web/connector=test-connector:add(socket-binding=https, scheme=https, protocol="HTTP/1.1", enabled=true, ssl = {}) {original} paramater ssl is not supported (at least in EAP 6.0.1.ER2 does not work) I think, it was ment: {maybe} [standalone@localhost:9999 /] /subsystem=web/connector=test-connector:add(socket-binding=https, scheme=https, protocol="HTTP/1.1", enabled=true, secure = true) {maybe} ------------------------------------------------------------------------------ I belive that somewhere in this chapter should be link to EAP doc, where mod_jk configuration is explained to details. Smth. like: https://access.redhat.com/knowledge/docs/en-US/JBoss_Enterprise_Application_Platform/6/html-single/Administration_and_Configuration_Guide/index.html#sect-Apache_mod_jk
(In reply to comment #5) > http://documentation-devel.engineering.redhat.com/docs/en-US/ > JBoss_Enterprise_Web_Server/2/html/HTTP_Connectors_Load_Balancing_Guide/ > clustering-http-jboss.html > > {original} > [standalone@localhost:9999 /] /subsystem=web/connector=test-connector:add( > socket-binding=custom, scheme=http, protocol="HTTP/1.1", > enabled=true > )) > {original} > > {should-be} > [standalone@localhost:9999 /] > /subsystem=web/connector=test-connector:add(socket-binding=custom, > scheme=http,protocol="HTTP/1.1",enabled=true) > {should-be} > > ---------------------------------------------------------------------------- > Fixed. > Configure the HTTP Connector > {original} > [standalone@localhost:9999 /] /subsystem=web/connector=test-connector:add( > socket-binding=custom, scheme=http, protocol="HTTP/1.1", > enabled=true > ) > {original} > > this is command for creating new connector - it is wrong. > > ----------------------------------------------------------------------------- > Adding Jean-Frederic to figure out the correct command the above. > Use the Socket Binding to Create a New HTTPS Connector > {original} > [standalone@localhost:9999 /] > /subsystem=web/connector=test-connector:add(socket-binding=https, > scheme=https, protocol="HTTP/1.1", enabled=true, ssl = {}) > {original} > > paramater ssl is not supported (at least in EAP 6.0.1.ER2 does not work) > > I think, it was ment: > {maybe} > [standalone@localhost:9999 /] > /subsystem=web/connector=test-connector:add(socket-binding=https, > scheme=https, protocol="HTTP/1.1", enabled=true, secure = true) > {maybe} > > ----------------------------------------------------------------------------- > - Fixed above. > > I belive that somewhere in this chapter should be link to EAP doc, where > mod_jk configuration is explained to details. Smth. like: > > https://access.redhat.com/knowledge/docs/en-US/ > JBoss_Enterprise_Application_Platform/6/html-single/ > Administration_and_Configuration_Guide/index.html#sect-Apache_mod_jk Added a new section after this one to clearly state where further details are found.
For the ssl: I am afraid that is a bug in AS7 :-(
> > Configure the HTTP Connector > > {original} > > [standalone@localhost:9999 /] /subsystem=web/connector=test-connector:add( > > socket-binding=custom, scheme=http, protocol="HTTP/1.1", > > enabled=true > > ) > > {original} > > > > this is command for creating new connector - it is wrong. > > Jean-Frederic, would you mind adding info about the correct way to configure the HTTP connector? > > Use the Socket Binding to Create a New HTTPS Connector > > {original} > > [standalone@localhost:9999 /] > > /subsystem=web/connector=test-connector:add(socket-binding=https, > > scheme=https, protocol="HTTP/1.1", enabled=true, ssl = {}) > > {original} > > > > paramater ssl is not supported (at least in EAP 6.0.1.ER2 does not work) > > > > I think, it was ment: > > {maybe} > > [standalone@localhost:9999 /] > > /subsystem=web/connector=test-connector:add(socket-binding=https, > > scheme=https, protocol="HTTP/1.1", enabled=true, secure = true) > > {maybe} > > > > ---------------------------------------------------------------------------- I used your correction, Radhim. What is the recommended approach to this now? Can we leave out SSL and still do this successfully? Sorry Jean-Frederic, I must tag you here again, as I have no idea how to work around this issue.
Actually the ssl configuration needs to be added after adding the connector. /subsystem=web/connector=test-connector:add(socket-binding=https,scheme=https, protocol="HTTP/1.1", enabled=true, secure = true) /subsystem=web/connector=test-connector/configuration=ssl:add :reload Note that the node must be restarted _immediately_, because the connector runs without ssl when the first add is done.
http://documentation-devel.engineering.redhat.com/docs/en-US/JBoss_Enterprise_Web_Server/2/html/HTTP_Connectors_Load_Balancing_Guide/clustering-http-jboss.html There are problems in procedures - Procedure 3.4. Configure HTTP Connectors - there is code for for HTTPS connector (see 2. Configure the HTTP Connector), please use the code mentioned here in comment 5 (item 1) - move item "3. Use a Socket Binding to Create a New HTTP Connector" into procedure Procedure "3.5. Configure HTTPS Connectors", just behind "2. Use the Socket Binding to Create a New HTTPS Connector" and rename it to smth. like "Reload SSL configuration" and add text "Note that the node must be restarted _immediately_, because the connector runs without ssl when the first add is done."
the command :reload does it, just some more explanations would be nice.
(In reply to comment #11) > http://documentation-devel.engineering.redhat.com/docs/en-US/ > JBoss_Enterprise_Web_Server/2/html/HTTP_Connectors_Load_Balancing_Guide/ > clustering-http-jboss.html > > There are problems in procedures > - Procedure 3.4. Configure HTTP Connectors > - there is code for for HTTPS connector (see 2. Configure the HTTP > Connector), please use the code mentioned here in comment 5 (item 1) Code updated. > - move item "3. Use a Socket Binding to Create a New HTTP Connector" into > procedure Procedure "3.5. Configure HTTPS Connectors", just behind "2. Use > the Socket Binding to Create a New HTTPS Connector" and rename it to smth. > like "Reload SSL configuration" and add text "Note that the node must be > restarted _immediately_, because the connector runs without ssl when the > first add is done." Moved to Procedure 3.5 as the new Step 2, renamed and adjusted text. Also added an important note as directed.
These changes can now be verified here: http://documentation-devel.engineering.redhat.com/docs/en-US/JBoss_Enterprise_Web_Server/2/html/HTTP_Connectors_Load_Balancing_Guide/clustering-http-jboss.html
It is needed to swap parts Reload the SSL Configuration <-> Use the Socket Binding to Create a New HTTPS Connector in "Procedure 3.5. Configure HTTPS Connectors"
Jan, just to clarify, do you mean that the title of the switched out step should remain Use the Socket Binding etc. rather than the new title Reload the SSL Configuration? If I have misunderstood you, please let me know.
Misha, "Procedure 3.5. Configure HTTPS Connectors" 1. Create a New Socket Binding (this is OK) ... 2. Use the Socket Binding to Create a New HTTPS Connector Use the following configuration to create a new HTTPS connector with an unused socket binding: ... 3. Reload the SSL Configuration Use the following configuration to reload the SSL configuration for a HTTP connector: ...
Thanks for the clarification, Jan. This bug will be set to ON_QA once this change appears on the stage.
This can be verified here: http://documentation-devel.engineering.redhat.com/docs/en-US/JBoss_Enterprise_Web_Server/2/html/HTTP_Connectors_Load_Balancing_Guide/clustering-http-jboss.html
In fact I don't like the stuff I suggested... 3 Reload the SSL Configuration: (Reload looks weird). In fact the good sequence to create an ssl connector should be the following: /subsystem=web/connector=test-connector:add(socket-binding=https, scheme=https, protocol="HTTP/1.1", enabled=false, secure = true) /subsystem=web/connector=test-connector/configuration=ssl:add /subsystem=web/connector=test-connector:write-attribute(name=enabled, value=true) :reload
1 - Create a New Socket Binding - UNCHANGED - 2 - Use the Socket Binding to Create a New HTTPS Connector - just change enabled=true into enabled=true 3 - Add the SSL configuration to the connector /subsystem=web/connector=test-connector/configuration=ssl:add Note: That use the default configuration for SSL (for JSSE: the keystore in ${user.home}/.keystore and the password "changeit", for OpenSSL: there isn't a default configuration so you need to configure the configuration=ssl element correctly). See http://docs.jboss.org/jbossweb/7.0.x/config/ssl.html
4 - Reload the server to get the new configuration active: :reload And remove the Important note....
Updated Procedure 3.5. (In reply to comment #21) > 1 - Create a New Socket Binding > - UNCHANGED - > > 2 - Use the Socket Binding to Create a New HTTPS Connector > - just change enabled=true into enabled=true > Changed to enabled=false. I assume this was intended based on Jean-Frederic's comment#20. > 3 - Add the SSL configuration to the connector > /subsystem=web/connector=test-connector/configuration=ssl:add > Note: That use the default configuration for SSL (for JSSE: the keystore > in ${user.home}/.keystore and the password "changeit", for OpenSSL: there > isn't a default configuration so you need to configure the configuration=ssl > element correctly). Updated with note. Also: (In reply to comment #22) > 4 - Reload the server to get the new configuration active: > :reload Added step 4. > And remove the Important note.... Removed note.
This can be verified here: http://documentation-devel.engineering.redhat.com/docs/en-US/JBoss_Enterprise_Web_Server/2/html/HTTP_Connectors_Load_Balancing_Guide/clustering-http-jboss.html#idp5673664
Great! just please add link from comment 21 into related note: See http://docs.jboss.org/jbossweb/7.0.x/config/ssl.html
crap I missed the command to enable the connector before the :reload /subsystem=web/connector=test-connector:write-attribute(name=enabled, value=true) So I think we need: 4 - enable the connnector: /subsystem=web/connector=test-connector:write-attribute(name=enabled, value=true) 5 - Reload the server to get the new configuration active: :reload
4 - enable the connnector: s/connnector/connector
No problem. This bug will be set to ON_QA when this change appears on the stage.
Sorry folks, the doc stage is down again or at least not refreshing for over 3 hours. Please verify the updates here instead for now: http://file.bne.redhat.com/~mhusnain/HTTP_Connectors_Guide/html-single/#idp41381488
Looks OK now. Congrats!
This bug is set to CLOSED CURRENT RELEASE to indicate that this fix is now released and available at access.redhat.com.