Juan Hernandez has uploaded a new change for review. Change subject: packaging: Disable HTTP and HTTPS when using Apache as proxy ......................................................................
packaging: Disable HTTP and HTTPS when using Apache as proxy This patch changes the setup application and the JBoss configuration file so that the HTTP and HTTPS connectors will be completely disabled and only the AJP connector will be enabled if Apache is used as a proxy. On the other hand, if Apache is not used as a proxy the HTTP and HTTPS connectors will be enabled but the AJP connector will be disabled. This reduces the use of resources in the application server (thread pools) and reduces also the attack surface. It is convenient to be able to enable/disable the connectors at will after the installation. This can be done changing the /etc/sysconfig/ovirt-engine file, without running the setup again. For example, in order to enable the HTTP connector it is enough to add (or just uncomment) the following line: ENGINE_HTTP_PORT=6090 Then restart the engine and the connector will be available. Same for the HTTPS and AJP connectors. Change-Id: I0d9443d18f1eee928a2fe594527ac0d59c14a5df Signed-off-by: Juan Hernandez <[email protected]> --- M packaging/fedora/engine-service.xml.in M packaging/fedora/setup/engine-setup.py 2 files changed, 23 insertions(+), 10 deletions(-) git pull ssh://gerrit.ovirt.org:29418/ovirt-engine refs/changes/39/6439/1 -- To view, visit http://gerrit.ovirt.org/6439 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I0d9443d18f1eee928a2fe594527ac0d59c14a5df Gerrit-PatchSet: 1 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Juan Hernandez <[email protected]> _______________________________________________ Engine-patches mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/engine-patches
