Uploaded image for project: 'OpenDJ'
  1. OpenDJ
  2. OPENDJ-1829

JMX connector listens on a random port number

    Details

    • Support Ticket IDs:

      Description

      The JMX connection handler listens on 2 ports, only one of which is configurable - 1689, the default listen-port. A random port is also listened on, and remote tools such as jconsole need to connect to both ports.

      The use of a random port makes it difficult to create firewall rules which allow JMX traffic through.

      The problem seems to come from the RMI Connector, when it instantiate the RMIJRMPServer:

      RmiConnector.java:388 (v 2.6.2)
      
      
      OpendsRMIJRMPServerImpl opendsRmiConnectorServer =
                new OpendsRMIJRMPServerImpl(
                    0, rmiClientSockeyFactory, rmiServerSockeyFactory, env);
      

      The value 0 is the port number.

      The constructor prototype:

        public OpendsRMIJRMPServerImpl(int port, RMIClientSocketFactory csf,
            RMIServerSocketFactory ssf, Map<String, ?> env) throws IOException
        {
      

      As 0 is a special value, the port will be chosen randomly.

      * A port number of <code>zero</code> will let the system pick up an
    * ephemeral port in a <code>bind</code> operation.
      from InetSocketAddress constructor
      

      You can see this opened port by running OpenAM with an embedded OpenDJ and do a

      netstat -apn | grep $OPENAM_PID | grep LISTEN 

      In my case, the first time, I had:

      tcp6      0      0 :::1689                :::*                    LISTEN      4771/java       
      tcp6      0      0 :::18009                :::*                    LISTEN      4771/java       
      tcp6      0      0 :::4444                :::*                    LISTEN      4771/java       
      tcp6      0      0 :::18080                :::*                    LISTEN      4771/java       
      tcp6      0      0 :::33121                :::*                    LISTEN      4771/java       
      tcp6      0      0 :::50889                :::*                    LISTEN      4771/java       
      tcp6      0      0 127.0.0.1:18005        :::*                    LISTEN      4771/java       
      tcp6      0      0 :::50389                :::*                    LISTEN      4771/java 
      

      33121 is the port opened in the RMI connector

      and after restarting openAM:

      tcp        0      0 0.0.0.0:8000            0.0.0.0:*               LISTEN      5384/java       
      tcp6       0      0 :::1689                 :::*                    LISTEN      5384/java       
      tcp6       0      0 :::18009                :::*                    LISTEN      5384/java       
      tcp6       0      0 :::4444                 :::*                    LISTEN      5384/java       
      tcp6       0      0 :::18080                :::*                    LISTEN      5384/java       
      tcp6       0      0 :::50889                :::*                    LISTEN      5384/java       
      tcp6       0      0 :::33039                :::*                    LISTEN      5384/java       
      tcp6       0      0 :::50389                :::*                    LISTEN      5384/java
      

      The second time, the port is 33039

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                matthew Matthew Swift
                Reporter:
                quentin.castel Quentin CASTEL
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: