Webserver for RMI class downloads is exposing configuration

mefesto78 Apr 23, 2003 9:59 AM

This seems to be a bug.

I am using JBoss 3.2 and by default there is a jboss:service=Webserver that allows ejb-clients to download the code it needs using RMI facilities. I was testing this out, set my system properties like java.rmi.server.codebase and hostname and found that if I hit http://localhost:8083/ I can request files from my JBOSS_HOME/server//conf folder.

In mozilla, if I do http://localhost:8083/login-config.xml - I get a blank page BUT if I view the HTML source for the blank page, I get all my login-config.xml details.

Please someone let me know if this is a configuration error on my part. I am only using the default jboss-service.xml file. Also, I would like to have my ejb-clients be able to dynamically download the classes it needs so just turning this service off is not really a fix.

Thanks,

Allen

1. Re: Webserver for RMI class downloads is exposing configurat

starksm64 Apr 23, 2003 12:24 PM (in response to mefesto78)

Its a configuration issue. You need to disable the downloaing of non-ejb classes in the jboss-service.xml file:

8083

false

Before:
common 684>wget http://lamia:8083/login-config.xml
--09:17:36-- http://lamia:8083/login-config.xml
=> `login-config.xml'
Resolving lamia... done.
Connecting to lamia[172.17.66.53]:8083... connected.
HTTP request sent, awaiting response... 200 OK
Length: 5,213 [text/html]

100%[====================================>] 5,213 4.97M/s ETA 00:00

09:17:36 (4.97 MB/s) - `login-config.xml' saved [5213/5213]

After:
common 686>wget http://lamia:8083/login-config.xml
--09:18:33-- http://lamia:8083/login-config.xml
=> `login-config.xml.1'
Resolving lamia... done.
Connecting to lamia[172.17.66.53]:8083... connected.
HTTP request sent, awaiting response... 404 Not Found
09:18:33 ERROR 404: Not Found.
Actions