Thanks for the response. The shutdown port is used to shut down the application; this can include things that need to clean up or flush data to disk. It is used by the stop scripts, so if I completely disabled it then I couldn't stop the server properly.
I am sure there must be an option in the stop script to require a username/password. I'll just have to look into the code and see if that exists in the case where the port is accessible to all users on the server. I am still hoping to hear from someone who has solved this issue in their environment, and hopefully I don't need to make any changes to the code in order to set this up how I want it to work.

Fu-Tung

--- On Thu, 8/21/08, André Warnier <[EMAIL PROTECTED]> wrote:

> From: André Warnier <[EMAIL PROTECTED]>
> Subject: Re: tomcat instances on different ports running as different users can anyone shutdown?
> To: "Tomcat Users List" <users@tomcat.apache.org>
> Date: Thursday, August 21, 2008, 6:58 PM
>
> Fu-Tung Cheng wrote:
> > Hi,
> >
> > I have different instances of tomcat running on different ports of the same machine. The processes are running as different users. In this case, could a user different than the one who launched the process connect to the tomcat shutdown port and cause the other instance to shut down?
> >
> > It seems like I can connect to the shutdown port of the other users' tomcat instances with telnet, so I think it appears likely that I could tell the other tomcat instance to shut down.
> >
> > How do I restrict this to only the user who launched the tomcat process?
>
> As far as I know, you cannot. When a TCP port is "open", any local process can connect to it, and the receiving port does not "know" who that is. So, yes, unless you disable that port, anyone on the local machine could shut down any of your Tomcats. Telnet is the easiest way, but anyone with a bit of imagination can use many other ways to do it, too.
>
> Regarding users that are not on the local machine, there are many possibilities, depending on the kind of host you are running on, to prevent connections to that port from anywhere except "localhost".
> Under Unix/Linux, one way might be tcp-wrappers (look up the files /etc/hosts.allow and /etc/hosts.deny), but that may depend on whether Tomcat pays attention to it or not.
>
> You could also disable that connector altogether, but someone else should comment if this can have unintended consequences (such as preventing some "tomcat stop" script from working?).
>
> I also seem to remember that it is not enough to just connect to the port; I believe you must also send some string. If so, it might be possible to change that string to something not trivial somewhere.
>
> I have always been curious about that feature. Maybe someone on the list can explain why it exists at all?
>
> André
>
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
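The points raised in the thread (the shutdown listener accepts any local connection, a shutdown string must be sent, and that string can be changed from the default) all map to attributes of the `<Server>` element in Tomcat's `conf/server.xml`: `port` (set to `-1` to disable the listener), `address` (defaults to localhost) and `shutdown` (the string the listener compares against). The audit script below is an added example written for this page, not code from the thread or from the Tomcat project. It parses a server.xml, reports the weak settings, and generates a replacement shutdown string; the sample configurations are constructed inline, and the finding texts and the 16-character threshold are this example's own choices.

```python
"""Audit the shutdown-listener settings in a Tomcat server.xml (added example)."""
import secrets
import xml.etree.ElementTree as ET

DEFAULT_SHUTDOWN_STRING = "SHUTDOWN"          # Tomcat's shipped default
LOCAL_ADDRESSES = {"localhost", "127.0.0.1", "::1"}
MIN_SECRET_LEN = 16                            # threshold chosen for this example


def audit_shutdown_config(server_xml: str) -> list:
    """Return a list of findings (strings) for the <Server> element.

    An empty list means the listener is bound locally and uses a
    non-default, reasonably long shutdown string.
    """
    root = ET.fromstring(server_xml)
    if root.tag != "Server":
        raise ValueError("root element is not <Server>")

    # Attribute defaults mirror Tomcat's documented defaults.
    port = root.get("port", "8005")
    address = root.get("address", "localhost")
    shutdown = root.get("shutdown", DEFAULT_SHUTDOWN_STRING)

    findings = []
    if port == "-1":
        # Listener disabled: nothing to reach, but the stop script
        # that relies on it (the concern in the thread) will not work.
        findings.append("shutdown listener disabled (port=-1); "
                        "stop scripts that use it will not work")
        return findings
    if address not in LOCAL_ADDRESSES:
        findings.append(f"shutdown listener bound to {address!r}, "
                        "reachable from other hosts, not just localhost")
    if shutdown == DEFAULT_SHUTDOWN_STRING:
        findings.append("shutdown string is the default 'SHUTDOWN'; any "
                        "process that can connect can stop this instance")
    elif len(shutdown) < MIN_SECRET_LEN:
        findings.append(f"shutdown string is short ({len(shutdown)} chars)")
    return findings


def new_shutdown_string(nbytes: int = 24) -> str:
    """Generate a random, URL-safe shutdown string to put in server.xml."""
    return secrets.token_urlsafe(nbytes)


# Constructed sample configurations (trimmed to the <Server> element).
WEAK_SERVER_XML = """
<Server port="8005" address="0.0.0.0" shutdown="SHUTDOWN">
  <Service name="Catalina"/>
</Server>
"""

HARDENED_SERVER_XML = """
<Server port="8005" address="127.0.0.1" shutdown="{secret}">
  <Service name="Catalina"/>
</Server>
"""


def harden(server_xml_template: str) -> str:
    """Fill the hardened template with a freshly generated shutdown string."""
    return server_xml_template.format(secret=new_shutdown_string())


if __name__ == "__main__":
    for label, xml_text in (("weak", WEAK_SERVER_XML),
                            ("hardened", harden(HARDENED_SERVER_XML))):
        print(f"[{label}]")
        for finding in audit_shutdown_config(xml_text) or ["no findings"]:
            print("  -", finding)
```

Binding to localhost removes the remote case André describes but not the local multi-user one: any local process can still connect, so the shutdown string is the only thing standing between another local user and a stop. Because `catalina.sh stop` reads the same server.xml to learn the port and string, the practical way to keep the string private to the owning user is the file mode on `conf/server.xml` (owner-readable only); that keeps the stop script working for the owner while other local accounts cannot read the secret.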