由於各種RMI漏洞以及我沒有使用它的事實,我想至少在外部禁用JBoss服務器上的RMI,但我不知道如何在不破壞事情的情況下如何做到這一點。如何在JBoss中禁用RMI?
我已經試過禁用JRMP調用,這似乎是工作,但問題是,我無法再啓動和停止我的服務器,因爲該命令:
sudo -u $JBOSS_USER $JBOSS_HOME/bin/shutdown.sh -S
返回錯誤:
Exception in thread "main" javax.naming.NamingException: Could not dereference object [Root exception is javax.naming.NameNotFoundException: invoker not bound]
at org.jnp.interfaces.NamingContext.resolveLink(NamingContext.java:1215)
at org.jnp.interfaces.NamingContext.lookup(NamingContext.java:758)
at org.jnp.interfaces.NamingContext.lookup(NamingContext.java:627)
at javax.naming.InitialContext.lookup(InitialContext.java:351)
at org.jboss.Shutdown.main(Shutdown.java:214)
Caused by: javax.naming.NameNotFoundException: invoker not bound
at org.jnp.server.NamingServer.getBinding(NamingServer.java:529)
at org.jnp.server.NamingServer.getBinding(NamingServer.java:537)
at org.jnp.server.NamingServer.getObject(NamingServer.java:543)
at org.jnp.server.NamingServer.lookup(NamingServer.java:267)
at org.jnp.server.NamingServer.lookup(NamingServer.java:270)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:592)
at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:294)
at sun.rmi.transport.Transport$1.run(Transport.java:153)
at java.security.AccessController.doPrivileged(Native Method)
at sun.rmi.transport.Transport.serviceCall(Transport.java:149)
at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:466)
at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:707)
at java.lang.Thread.run(Thread.java:613)
at sun.rmi.transport.StreamRemoteCall.exceptionReceivedFromServer(StreamRemoteCall.java:247)
at sun.rmi.transport.StreamRemoteCall.executeCall(StreamRemoteCall.java:223)
at sun.rmi.server.UnicastRef.invoke(UnicastRef.java:126)
at org.jnp.server.NamingServer_Stub.lookup(Unknown Source)
at org.jnp.interfaces.NamingContext.lookup(NamingContext.java:667)
at org.jnp.interfaces.NamingContext.lookup(NamingContext.java:627)
at javax.naming.InitialContext.lookup(InitialContext.java:351)
at org.jnp.interfaces.NamingContext.resolveLink(NamingContext.java:1209)
... 4 more
我沒有在/path/to/jboss/server/default/conf/jboss-service.xml的其他地方看到調用者被引用,所以我不確定我需要刪除哪些其他引用。
任何想法我做錯了或我只是要求功能是互斥的?
爲什麼不阻止外部應用程序通過阻塞端口通過RMI連接到您的服務器? –
這會工作,但我希望有一個更優雅的解決方案: -/ –
您使用的是哪個版本的JBoss? – Mikaveli