Controlling Port Access

From LongJump Support Wiki
Revision as of 18:41, 22 June 2011 by imported>Aeric

Controlling Port Access

Firewall Ports

Platform Application Servers are typically deployed behind a Firewall. The firewall needs to open the ports those servers use.

The default ports are:

  • Non SSL port 80
  • SSL port 443

The SSL port always needs to be open. If the application is to be accessed only using https, the http port can be blocked. If the platform's Sites capability will be used to provide a public URL, then the http port needs to be open.

Notepad.png

Note: For secure communication, you should always access the platform using SSL (https://yourdomain/networking/Service). The platform provides a default self-signed certificate which is used by the Application Server. This certificate can be replaced with your own certificate, purchased from a certificate-signing authority. For more instructions on that process, see Managing SSL Certificates.

Changing Port Assignments

To change port assignments:

  1. Editg {platform_installation}/tomcat/conf//tomcat/conf/server.xml
  2. Modify the port-assignment attributes:
<Connector port="80“  … />
 ...
<Connector port=“443“  … />

Note: If you change the http port (80), you will need to specify the port number in the URLs for the document servers recorded in the database. To see those values:

Mysql> SELECT document_server,import_document_server,public_document_server 
       FROM relationals.NETWORK_GLOBAL_PROPERTIES;

Those URLs are read when an application server starts, and used as the forwarding-target for document-access requests.