Notice: This Wiki is now read only and edits are no longer possible. Please see: https://gitlab.eclipse.org/eclipsefdn/helpdesk/-/wikis/Wiki-shutdown-plan for the plan.
Difference between revisions of "Jetty/Howto/Secure Termination"
Line 1: | Line 1: | ||
{{Jetty Howto | {{Jetty Howto | ||
| introduction = | | introduction = | ||
+ | |||
+ | {{Jetty TODO}} | ||
You can start Jetty in a way that will require identification before a termination request is accepted. This can help safeguard against either accidental or malicious terminations. | You can start Jetty in a way that will require identification before a termination request is accepted. This can help safeguard against either accidental or malicious terminations. |
Latest revision as of 15:35, 23 April 2013
Introduction
You can start Jetty in a way that will require identification before a termination request is accepted. This can help safeguard against either accidental or malicious terminations.
Steps
In order to protect you Jetty instance from unwanted termination you need to start Jetty with a *STOP.PORT* parameter:
java -DSTOP.PORT=8079 -jar start.jar
The *STOP.PORT* is the number of a port on which Jetty will listen for termination requests. In this case, the port number is 8079. You can then stop jetty either with a Template:Cntrl-c in the controlling terminal window (unless you have disassociated the Jetty process from a terminal), or by supplying this port number on a stop request from any terminal.
You can also supply a secret key on startup which must also be present on the termination request to enhance security:
java -DSTOP.PORT=8079 -DSTOP.KEY=mysecret -jar start.jar
As a further security measure, you can omit the *STOP.KEY* property on startup, in which case Jetty will generate and print on stdout a random key:
> java -DSTOP.PORT=8079 -jar start.jar -DSTOP.KEY=3xspihnnsse8
This key should then be supplied on the termination request:
java -DSTOP.PORT=8079 -DSTOP.KEY=3xspihnnsse8 -jar start.jar --stop