-
1. Re: Shutdown Wildfly gracefully when CLI Access is disabled
mchoma Sep 6, 2018 11:42 AM (in response to mrydeen)If you configure you management interface to bind to local address (-Djboss.bind.address.management=127.0.0.1) 9990 wouldn't be visible from outside.
And you can still connect with cli locally.
-
2. Re: Shutdown Wildfly gracefully when CLI Access is disabled
mrydeen Sep 6, 2018 11:54 AM (in response to mchoma)Thank you Martin for responding. I wish it was that easy . I should have been more clear. Our application gets installed on the customers controlled VM/Server. They want to make sure that we are "self secure". That is because they cannot guarantee that some "hacker" could not gain access to their server. So if the server is compromised, they want to make sure that all the applications will not be a security issue. We are seeing this more and more where security is becoming a huge impact on third party applications.
Hope that is clear.
Michael
-
3. Re: Shutdown Wildfly gracefully when CLI Access is disabled
mchoma Sep 6, 2018 12:17 PM (in response to mrydeen)If someone get access to your machine, then you have bigger problem then opened management interface port. Note, attacker have to has OS permission to ${jboss.home.dir} to connect locally.
Still if it is closed first thing attacker can do is open that port.
-
4. Re: Shutdown Wildfly gracefully when CLI Access is disabled
mrydeen Sep 6, 2018 1:07 PM (in response to mchoma)Yes Martin all very valid points and one that I have brought up to management multiple times. But other examples are such that customers have machines that are general purpose that are configured via LDAP and sometimes workers in the env might logon to these servers and issue some commands...not on purpose, but maybe forgetting that they are on a production machine. They just want to make them secure just like other applications like microsoft exchange, microsoft cluster, etc.
Thank you,
Michael
-
5. Re: Shutdown Wildfly gracefully when CLI Access is disabled
mchoma Sep 7, 2018 3:42 AM (in response to mrydeen)Workers should not run with same user like your wildfly run.
But back to your question. Seems kill -15 and Ctrl+C should work for you.
[1] Design Notes for Graceful Shutdown upon receipt of a SIGTERM
-
6. Re: Shutdown Wildfly gracefully when CLI Access is disabled
mrydeen Sep 10, 2018 11:22 AM (in response to mchoma)Thank you Martin, let me take a look.