Class EnableSecureAdminCommand
java.lang.Object
com.sun.enterprise.security.admin.cli.SecureAdminCommand
com.sun.enterprise.security.admin.cli.EnableSecureAdminCommand
- All Implemented Interfaces:
org.glassfish.api.admin.AdminCommand
@Service(name="enable-secure-admin")
@PerLookup
@ExecuteOn({DAS,INSTANCE})
public class EnableSecureAdminCommand
extends SecureAdminCommand
Records that secure admin is to be used and adjusts each admin listener configuration in the domain to use secure admin.
The command changes the admin-listener set-up within each separate configuration as if by running these commands:
###
### create new protocol for secure admin
###
asadmin create-protocol --securityenabled=true sec-admin-listener
asadmin create-http --default-virtual-server=__asadmin sec-admin-listener
#asadmin create-network-listener --listenerport 4849 --protocol sec-admin-listener sec-admin-listener
asadmin create-ssl --type network-listener --certname s1as --ssl2enabled=false --ssl3enabled=false --clientauthenabled=false sec-admin-listener
asadmin set configs.config.server-config.network-config.protocols.protocol.sec-admin-listener.ssl.client-auth=want
asadmin set configs.config.server-config.network-config.protocols.protocol.sec-admin-listener.ssl.classname=com.sun.enterprise.security.ssl.GlassfishSSLImpl
###
### create the port redirect config
###
asadmin create-protocol --securityenabled=false admin-http-redirect
asadmin create-http-redirect --secure-redirect true admin-http-redirect
#asadmin create-http-redirect --secure-redirect true --redirect-port 4849 admin-http-redirect
asadmin create-protocol --securityenabled=false pu-protocol
asadmin create-protocol-finder --protocol pu-protocol --targetprotocol sec-admin-listener --classname org.glassfish.grizzly.config.portunif.HttpProtocolFinder http-finder
asadmin create-protocol-finder --protocol pu-protocol --targetprotocol admin-http-redirect --classname org.glassfish.grizzly.config.portunif.HttpProtocolFinder admin-http-redirect
###
### update the admin listener
###
asadmin set configs.config.server-config.network-config.network-listeners.network-listener.admin-listener.protocol=pu-protocol
- Author:
- Tim Quinn
-
Field Summary
Fields inherited from class com.sun.enterprise.security.admin.cli.SecureAdminCommand
ADMIN_LISTENER_NAME, domain
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionvoid
run()
Performs the enable/disable logic for secure admin.protected String
Returns the error key for finding a message describing an error during the operation - either enable or disable.protected boolean
updateSecureAdminSettings
(com.sun.enterprise.config.serverbeans.SecureAdmin secureAdmin_w) Methods inherited from class com.sun.enterprise.security.admin.cli.SecureAdminCommand
execute
-
Field Details
-
adminalias
-
instancealias
-
-
Constructor Details
-
EnableSecureAdminCommand
public EnableSecureAdminCommand()
-
-
Method Details
-
run
public void run() throws org.jvnet.hk2.config.TransactionFailure, com.sun.enterprise.config.serverbeans.SecureAdminHelper.SecureAdminCommandExceptionDescription copied from class:SecureAdminCommand
Performs the enable/disable logic for secure admin.This is separate from the execute method so it can be invoked during upgrade.
- Overrides:
run
in classSecureAdminCommand
- Throws:
org.jvnet.hk2.config.TransactionFailure
com.sun.enterprise.config.serverbeans.SecureAdminHelper.SecureAdminCommandException
-
updateSecureAdminSettings
protected boolean updateSecureAdminSettings(com.sun.enterprise.config.serverbeans.SecureAdmin secureAdmin_w) -
transactionErrorMessageKey
Description copied from class:SecureAdminCommand
Returns the error key for finding a message describing an error during the operation - either enable or disable.Each concrete subclass overrides this to supply the relevant message key.
- Specified by:
transactionErrorMessageKey
in classSecureAdminCommand
- Returns:
- the message key corresponding to the error message to display
-