public class SetUIDServer
extends org.mortbay.jetty.Server
Server
will make a JNI call to set the unix UID.
This can be used to start the server as root so that privileged ports may
be accessed and then switch to a non-root user for security.
Depending on the value of setStartServerAsPrivileged(boolean)
, either the
server will be started and then the UID set; or the Server.getConnectors()
will be
opened with a call to Connector.open()
, the UID set and then the server is started.
The later is the default and avoids any webapplication code being run as a privileged user,
but will not work if the application code also needs to open privileged ports.
The configured umask is set before the server is started and the configured uid is set after the server is started.
Constructor and Description |
---|
SetUIDServer() |
Modifier and Type | Method and Description |
---|---|
protected void |
doStart() |
int |
getGid() |
java.lang.String |
getGroupname() |
RLimit |
getRLimitNoFiles() |
int |
getUid() |
int |
getUmask() |
java.lang.String |
getUsername() |
boolean |
isStartServerAsPrivileged() |
void |
setGid(int gid) |
void |
setGroupname(java.lang.String groupname) |
void |
setRLimitNoFiles(RLimit rlimit) |
void |
setStartServerAsPrivileged(boolean startContextsAsPrivileged) |
void |
setUid(int uid) |
void |
setUmask(int umask) |
void |
setUsername(java.lang.String username) |
addConnector, addHandler, addLifeCycle, addUserRealm, clearAttributes, doStop, getAttribute, getAttributeNames, getConnectors, getContainer, getGracefulShutdown, getHandlers, getSendDateHeader, getSendServerVersion, getSessionIdManager, getStopAtShutdown, getThreadPool, getUserRealms, getVersion, handle, join, removeAttribute, removeConnector, removeHandler, removeLifeCycle, removeUserRealm, setAttribute, setConnectors, setGracefulShutdown, setHandlers, setSendDateHeader, setSendServerVersion, setSessionIdManager, setStopAtShutdown, setThreadPool, setUserRealms
expandChildren, getHandler, handle, setHandler, setServer
expandHandler, getChildHandlerByClass, getChildHandlers, getChildHandlersByClass
addLifeCycleListener, isFailed, isRunning, isStarted, isStarting, isStopped, isStopping, removeLifeCycleListener, start, stop
public void setUsername(java.lang.String username)
public java.lang.String getUsername()
public void setGroupname(java.lang.String groupname)
public java.lang.String getGroupname()
public int getUmask()
public void setUmask(int umask)
public int getUid()
public void setUid(int uid)
public void setGid(int gid)
public int getGid()
public void setRLimitNoFiles(RLimit rlimit)
public RLimit getRLimitNoFiles()
protected void doStart() throws java.lang.Exception
doStart
in class org.mortbay.jetty.Server
java.lang.Exception
public boolean isStartServerAsPrivileged()
public void setStartServerAsPrivileged(boolean startContextsAsPrivileged)
startServerAsPrivileged
- if true, the server is started and then the process UID is switched. If false, the connectors are opened, the UID is switched and then the server is started.Connector#open()}
Copyright © 2009 Mortbay Consulting Pty. Ltd. All Rights Reserved.