Hi everyone,
Now that we are using Undertow as the domain management HTTP server it
is now possible to use a HTTP upgrade for the native management and
remote-jmx protocols. This will allow us to run all management protocols
over port 9990, and allow us to remove 9999 from our default config. The
idea is significantly reduce the ports that are open in our default
config, ideally eventually we will just have a management and
application HTTP ports and that will be it (although some technologies
such as CORBA are not compatible with HTTP Upgrade).
With this in mind I have started working on a series of patches[1] to
implement this, that I am hoping will be ready to merge early next week.
(These patches are still a work in progress, but the core functionality
works).
For those of you who are not familiar with HTTP upgrade it is a
mechanism where a client makes a HTTP request to the client with the
Upgrade: header set, the server will then respond with a HTTP 101
response. In our implementation the server then hands the channel over
to JBoss Remoting which then performs its normal handshake, including
authentication.
The upshot of all this will be:
- We no longer have port 9999 open by default, which will break older
clients that attempt to talk to a default AS8 instance (it will still be
possible to add a native interface to allow it to work with older clients).
- ModelControllerClient.Factory.create() now allows you to specify a
protocol, which can be either remote, http or https.
- Remote JMX will now require a service:jmx:http(s)-remoting-jmx:// URL
rather than the current service:jmx:remoting-jmx://
I have not touched domain management yet, and these patches are not yet
ready for merging, but because this is a fairly big change I thought I
would get peoples thoughts before I finish it off and submit a PR.
Stuart
[1]
https://github.com/stuartwdouglas/xnio/compare/http-upgrade
https://github.com/stuartwdouglas/jboss-remoting/compare/http-upgrade
https://github.com/stuartwdouglas/remoting-jmx/compare/http-upgrade
https://github.com/stuartwdouglas/jboss-as/compare/http-upgrade