Port Management
In order to connect to Data Virtuality Server it is important to know which ports are being used for network communication. This is especially true if you have a secure environment and all network traffic has to be firewall enabled. Problems can arise if you either try to connect to a wrong port or if the port is not accessible through the firewall. The server is shipped with some default ports which you can find at the very bottom of %pathToDVserver%/standalone/configuration/dvserver-standalone.xml on Linux or %pathToDVserver%\standalone\configuration\dvserver-standalone.xml on Windows. This is an example of the file which might look like the one you are using right now:
< socket-binding-group name = "standard-sockets" default-interface = "public" port-offset = "${jboss.socket.binding.port-offset:0}" > < socket-binding name = "management-native" interface = "management" port = "${jboss.management.native.port:9999}" /> < socket-binding name = "management-http" interface = "management" port = "${jboss.management.http.port:9990}" /> < socket-binding name = "management-https" interface = "management" port = "${jboss.management.https.port:9443}" /> < socket-binding name = "ajp" port = "8009" /> < socket-binding name = "http" port = "8080" /> < socket-binding name = "https" port = "8443" /> < socket-binding name = "osgi-http" interface = "management" port = "8090" /> < socket-binding name = "remoting" port = "4447" /> < socket-binding name = "txn-recovery-environment" port = "4712" /> < socket-binding name = "txn-status-manager" port = "4713" /> < socket-binding name = "teiid-jdbc" port = "31000" /> < socket-binding name = "teiid-jdbc-ssl" port = "31001" /> < socket-binding name = "teiid-odbc" port = "35432" /> < outbound-socket-binding name = "mail-smtp" > < remote-destination host = "localhost" port = "25" /> </ outbound-socket-binding > </ socket-binding-group > |
As the snippet suggests, there are several ports for various usages. The main ones are for JDBC and ODBC connections. For example, the Data Virtuality Studio uses JDBC or JDBC over SSL connections whereas Tableau requires ODBC connections. Information about how to configure secure ODBC connections can be found further in this section. You should also make sure that there are no services or programs running on the machine which hosts the Data Virtuality Server which may conflict in socket bindings. If, for example, you already have a process running and this process uses port 9999, you might not be able to connect to the server via this port. Even worse, sockets that are already in use may prevent the server from starting.
Port Offset
If you have any conflicts, change either the affected ports of Data Virtuality Server or the ones of the other process. Alternatively, you can use the property port-offset in order to increment all used ports by a specific value. If you set the offset from 0 to 10000 your server will now use ports 41000 (JDBC), 41001 (JDBC over SSL), 45432 (ODBC) and so forth. This is a simple way to prevent conflicts but you should carefully adjust firewall rules and consider some documentation about the changes.
Configure Proxy Settings
It is possible that you deployed the Data Virtuality Server within an environment that uses an HTTP proxy server and the Data Virtuality Server needs to be configured to use this proxy. This is, as well as the port management, done through the dvserver-standalone.xml. You can specify the IP address and the port of the proxy that Data Virtuality Server shall communicate with as well as a list of hosts which are directly contacted (without any proxy interference). Find the </extensions> end tag and place the configuration right after it:
... </ extensions > < system-properties property name = "http.proxyHost" value = "ProxyIP" /> < system-properties property name = "http.proxyPort" value = "ProxyPort" /> < system-properties property name = "http.nonProxyHosts" value = "ListOfHostsThatAreDirectlyContacted" /> |
Note that the value for http.nonProxyHosts can contain a list with multiple hosts (separated by '|') that are communicated with directly. For example: value="localhost|clr.mycomp.org|*.mycomp.local", where '*' denotes the wildcard. There are also properties named https.proxyHost and https.proxyPort for configuring secure proxy connections.
Enable ODBC over SSL connections
To enable a secure ODBC connection, you need a certificate which you import into a Java keystore. Add some lines in dvserver-standalone.xml to point to this store and append a socket binding for the ODBC over SSL connection. As with the default ports, don't forget to enable firewall rules if necessary and do not specify ports that are already in use by some other process. If you are not in possession of a certificate, you can create one with the tool keytool that is shipped with most Java SDKs. The tool is found in the Java installation subfolder %JavaDir%/bin on Linux or %JavaDir%\bin on Windows. The following code creates a new certificate and stores it in a keystore which you specify.
1
2
|
cd /usr/lib/jvm/java-7-oracle/jre/bin keytool -genkey - alias teiid -keyalg RSA -validity 365 -keystore %pathToStore% /server .keystore -storetype JKS |
1
2
|
cd "c:\Program Files\Java\jre7\bin" keytool -genkey - alias teiid -keyalg RSA -validity 365 -keystore %pathToStore%\server.keystore -storetype JKS |
Replace the placeholder %pathToStore% with the location where you want to place the keystore. You will be prompted to enter a password for future access of the keystore. Provide one and note it down. Now you have to add two entries in dvserver-standalone.xml:
< subsystem xmlns = "urn:jboss:domain:teiid:1.0" > ... < transport name = "odbc-ssl" socket-binding = "teiid-odbc-ssl" protocol = "pg" > < authentication security-domain = "teiid-security" /> < ssl mode = "enabled" ssl-protocol = "SSLv3" > < keystore name = "%pathToKeystoreFile%" password = "%keystorePassword%" /> </ ssl > </ transport > ... </ subsystem > |
and
< socket-binding-group name = "standard-sockets" default-interface = "public" port-offset = "${jboss.socket.binding.port-offset:0}" > ... < socket-binding name = "teiid-odbc-ssl" port = "35433" /> ... </ socket-binding-Group > |
Comments
0 comments
Please sign in to leave a comment.