[jboss-as7-dev] Remoting issues

David M. Lloyd david.lloyd at redhat.com
Mon Sep 26 14:19:04 EDT 2011 

Inline:

On 09/26/2011 09:38 AM, Kabir Khan wrote:
> From chat discussions I am doing the following for servers, in the order below:
>
> 1) Using 2 separate endpoints for our current configuration, i.e.
> <management>
>      <management-interfaces>
>         <native-interface interface="management" port="9999" />
>      </management-interfaces>
> </management>
> gives a 'management' endpoint. If there a remoting subsystem exists, that results in a 'subsystem' endpoint.

Endpoints should have names which are as unique as possible.  Perhaps 
"${jboss.node.name}:management" for the management endpoint is a better 
option, or make it configurable.

> 2) Ability to choose the subsystem endpoint for management.
> Something along the lines of this for a domain mode server which needs an endpoint to connect back to the HC:
> <server-group>
>      <subsystem-management-endpoint/>
> </server-group>
> This will cause it to use the remoting subsystem endpoint, absense of this will create the management endpoint.

This is a possible solution though like I said the endpoint name is 
significant.  Also one hopes that the user would be given the option to 
register management with more than one endpoint?

> For a standalone server:
> <management>
>      <management-interfaces>
>         <native-remoting connector="some-remoting-connector" />
>      </management-interfaces>
> </management>
> This will not open the management endpoint but use the subsystem one instead. This needs a little bit more thinking to install the correct channel open listener into the connector
>
> 3) Better configuration of connectors and channel open listeners in the remoting subsystem
> 4) Meet with Darran later this week to understand the security stuff a bit better

Normally the services (channel open listeners) are configured by those 
who register them, though ultimately if we (for example) want to add 
some additional authorization checks at this level then it would make 
more sense to do this globally.  Let's make sure that we're not 
duplicating security or connector configuration between the management 
endpoint and the subsystem one.

-- 
- DML

More information about the jboss-as7-dev mailing list