Class EnableSecureAdminCommand
java.lang.Object
com.sun.enterprise.security.admin.cli.SecureAdminCommand
com.sun.enterprise.security.admin.cli.EnableSecureAdminCommand
- All Implemented Interfaces:
org.glassfish.api.admin.AdminCommand
@Service(name="enable-secure-admin")
@PerLookup
@ExecuteOn({DAS,INSTANCE})
public class EnableSecureAdminCommand
extends SecureAdminCommand
Records that secure admin is to be used and adjusts each admin listener configuration in the domain to use secure admin.
The command changes the admin-listener set-up within each separate configuration as if by running these commands:
###
### create new protocol for secure admin
###
asadmin create-protocol --securityenabled=true sec-admin-listener
asadmin create-http --default-virtual-server=__asadmin sec-admin-listener
#asadmin create-network-listener --listenerport 4849 --protocol sec-admin-listener sec-admin-listener
asadmin create-ssl --type network-listener --certname s1as --ssl2enabled=false --ssl3enabled=false --clientauthenabled=false sec-admin-listener
asadmin set configs.config.server-config.network-config.protocols.protocol.sec-admin-listener.ssl.client-auth=want
asadmin set configs.config.server-config.network-config.protocols.protocol.sec-admin-listener.ssl.classname=com.sun.enterprise.security.ssl.GlassfishSSLImpl
###
### create the port redirect config
###
asadmin create-protocol --securityenabled=false admin-http-redirect
asadmin create-http-redirect --secure-redirect true admin-http-redirect
#asadmin create-http-redirect --secure-redirect true --redirect-port 4849 admin-http-redirect
asadmin create-protocol --securityenabled=false pu-protocol
asadmin create-protocol-finder --protocol pu-protocol --targetprotocol sec-admin-listener --classname org.glassfish.grizzly.config.portunif.HttpProtocolFinder http-finder
asadmin create-protocol-finder --protocol pu-protocol --targetprotocol admin-http-redirect --classname org.glassfish.grizzly.config.portunif.HttpProtocolFinder admin-http-redirect
###
### update the admin listener
###
asadmin set configs.config.server-config.network-config.network-listeners.network-listener.admin-listener.protocol=pu-protocol
- Author:
- Tim Quinn
-
Field Summary
FieldsFields inherited from class com.sun.enterprise.security.admin.cli.SecureAdminCommand
ADMIN_LISTENER_NAME, domain -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionvoidrun()Performs the enable/disable logic for secure admin.protected StringReturns the error key for finding a message describing an error during the operation - either enable or disable.protected booleanupdateSecureAdminSettings(com.sun.enterprise.config.serverbeans.SecureAdmin secureAdmin_w) Methods inherited from class com.sun.enterprise.security.admin.cli.SecureAdminCommand
execute
-
Field Details
-
adminalias
-
instancealias
-
-
Constructor Details
-
EnableSecureAdminCommand
public EnableSecureAdminCommand()
-
-
Method Details
-
run
public void run() throws org.jvnet.hk2.config.TransactionFailure, com.sun.enterprise.config.serverbeans.SecureAdminHelper.SecureAdminCommandExceptionDescription copied from class:SecureAdminCommandPerforms the enable/disable logic for secure admin.This is separate from the execute method so it can be invoked during upgrade.
- Overrides:
runin classSecureAdminCommand- Throws:
org.jvnet.hk2.config.TransactionFailurecom.sun.enterprise.config.serverbeans.SecureAdminHelper.SecureAdminCommandException
-
updateSecureAdminSettings
protected boolean updateSecureAdminSettings(com.sun.enterprise.config.serverbeans.SecureAdmin secureAdmin_w) -
transactionErrorMessageKey
Description copied from class:SecureAdminCommandReturns the error key for finding a message describing an error during the operation - either enable or disable.Each concrete subclass overrides this to supply the relevant message key.
- Specified by:
transactionErrorMessageKeyin classSecureAdminCommand- Returns:
- the message key corresponding to the error message to display
-