Access to WildFly Administartion Console
688 views
Skip to first unread message
Stefan Harbich
Feb 12, 2024, 10:32:36 AM2/12/24
to WildFly
Hello, my dears,
I am using the following version.
I am using the following version.
...
[standalone@localhost:9990 /] version
JBoss Admin Command-line Interface
JBOSS_HOME: /opt/wildfly
Release: 14.0.0.Final
Product: WildFly Full 22.0.0.Final
JAVA_HOME: /usr/lib/jvm/java-11-openjdk-amd64
java.version: 11.0.22
java.vm.vendor: Debian
java.vm.version: 11.0.22+7-post-Debian-1deb11u1
os.name: Linux
os.version: 5.10.0-27-amd64
JBoss Admin Command-line Interface
JBOSS_HOME: /opt/wildfly
Release: 14.0.0.Final
Product: WildFly Full 22.0.0.Final
JAVA_HOME: /usr/lib/jvm/java-11-openjdk-amd64
java.version: 11.0.22
java.vm.vendor: Debian
java.vm.version: 11.0.22+7-post-Debian-1deb11u1
os.name: Linux
os.version: 5.10.0-27-amd64
...
When I access the Management Console via my Nginx Proxy Server I get the following error message (image as attachment).
...
Connect to Management Interface
Use this dialog to connect to a running standalone or domain controller. Pick a management interface from the list below or add a new one.
...
Use this dialog to connect to a running standalone or domain controller. Pick a management interface from the list below or add a new one.
...
There is no entry in the list (name and URL). What do I have to configure and where?
Greetings from Stefan Harbich
Harald Pehl
Feb 13, 2024, 4:26:07 AM2/13/24
to WildFly
This dialog appears when the management console is served from a different host/port as the management interface (aka standalone mode: https://hal.github.io/documentation/get-started/#standalone-mode). To proceed, you have to add the host/port of the management interface of your WildFly server (typically, this is localhost:9990). In addition, you have to add an allowed origin in the management model. See https://hal.github.io/documentation/get-started/#standalone-mode on how to add this.
Other things to check are if you've added a management user using the add-user.sh script.
Let me know if that helps!
// Harald
Stefan Harbich
Feb 13, 2024, 10:56:22 AM2/13/24
to WildFly
Hello Harald,
i have sent you my affected settings and I can't get over the connect. Admin user in the management HAL has been created. Everything runs on localhost, both wildfly (port 8090) and the management console (port 9990). See attached config.
i have sent you my affected settings and I can't get over the connect. Admin user in the management HAL has been created. Everything runs on localhost, both wildfly (port 8090) and the management console (port 9990). See attached config.
...
root@dsme01:~# systemctl status wildfly.service
● wildfly.service - The WildFly Application Server
Loaded: loaded (/etc/systemd/system/wildfly.service; enabled; vendor preset: enabled)
Active: active (running) since Tue 2024-02-13 16:35:02 CET; 17min ago
Main PID: 1339380 (launch.sh)
Tasks: 122 (limit: 38446)
Memory: 2.4G
CGroup: /system.slice/wildfly.service
├─1339380 /bin/bash /opt/wildfly/bin/launch.sh standalone standalone.xml 127.0.0.1
├─1339381 /bin/sh /opt/wildfly/bin/standalone.sh -c standalone.xml -b 127.0.0.1 -bmanagement=127.0.0.1
└─1339493 java -D[Standalone] -server -Xms2048m -Xmx2048m -XX:MetaspaceSize=96M -XX:MaxMetaspaceSize=256m -Dhttps.protocols=TLSv1.2,TLSv1.3 -Djdk.tls.client.protocols=TLSv1.2,TLSv1.3 -Djava.net.pre>
Feb 13 16:35:02 dsme01 systemd[1]: Started The WildFly Application Server.
● wildfly.service - The WildFly Application Server
Loaded: loaded (/etc/systemd/system/wildfly.service; enabled; vendor preset: enabled)
Active: active (running) since Tue 2024-02-13 16:35:02 CET; 17min ago
Main PID: 1339380 (launch.sh)
Tasks: 122 (limit: 38446)
Memory: 2.4G
CGroup: /system.slice/wildfly.service
├─1339380 /bin/bash /opt/wildfly/bin/launch.sh standalone standalone.xml 127.0.0.1
├─1339381 /bin/sh /opt/wildfly/bin/standalone.sh -c standalone.xml -b 127.0.0.1 -bmanagement=127.0.0.1
└─1339493 java -D[Standalone] -server -Xms2048m -Xmx2048m -XX:MetaspaceSize=96M -XX:MaxMetaspaceSize=256m -Dhttps.protocols=TLSv1.2,TLSv1.3 -Djdk.tls.client.protocols=TLSv1.2,TLSv1.3 -Djava.net.pre>
Feb 13 16:35:02 dsme01 systemd[1]: Started The WildFly Application Server.
...
...
<interfaces>
<interface name="http">
<inet-address value="127.0.0.1"/>
</interface>
<interface name="https">
<inet-address value="127.0.0.1"/>
</interface>
<interface name="httpspriv">
<inet-address value="192.168.20.30"/>
</interface>
<interface name="httpspub">
<inet-address value="127.0.0.1"/>
</interface>
<interface name="management">
<inet-address value="${jboss.bind.address.management:127.0.0.1}"/>
</interface>
<interface name="public">
<inet-address value="${jboss.bind.address:127.0.0.1}"/>
</interface>
</interfaces>
<socket-binding-group name="standard-sockets" default-interface="public" port-offset="${jboss.socket.binding.port-offset:0}">
<socket-binding name="ajp" port="${jboss.ajp.port:8009}"/>
<socket-binding name="http" interface="http" port="8090"/>
<socket-binding name="httpspriv" interface="httpspriv" port="8443"/>
<socket-binding name="httpspub" interface="httpspub" port="8442"/>
<socket-binding name="management-http" interface="management" port="${jboss.management.http.port:9990}"/>
<socket-binding name="management-https" interface="management" port="${jboss.management.https.port:9993}"/>
<socket-binding name="remoting" interface="management" port="4447"/>
<socket-binding name="txn-recovery-environment" port="4712"/>
<socket-binding name="txn-status-manager" port="4713"/>
<outbound-socket-binding name="mail-smtp">
<remote-destination host="${jboss.mail.server.host:localhost}" port="${jboss.mail.server.port:25}"/>
</outbound-socket-binding>
</socket-binding-group>
<interface name="http">
<inet-address value="127.0.0.1"/>
</interface>
<interface name="https">
<inet-address value="127.0.0.1"/>
</interface>
<interface name="httpspriv">
<inet-address value="192.168.20.30"/>
</interface>
<interface name="httpspub">
<inet-address value="127.0.0.1"/>
</interface>
<interface name="management">
<inet-address value="${jboss.bind.address.management:127.0.0.1}"/>
</interface>
<interface name="public">
<inet-address value="${jboss.bind.address:127.0.0.1}"/>
</interface>
</interfaces>
<socket-binding-group name="standard-sockets" default-interface="public" port-offset="${jboss.socket.binding.port-offset:0}">
<socket-binding name="ajp" port="${jboss.ajp.port:8009}"/>
<socket-binding name="http" interface="http" port="8090"/>
<socket-binding name="httpspriv" interface="httpspriv" port="8443"/>
<socket-binding name="httpspub" interface="httpspub" port="8442"/>
<socket-binding name="management-http" interface="management" port="${jboss.management.http.port:9990}"/>
<socket-binding name="management-https" interface="management" port="${jboss.management.https.port:9993}"/>
<socket-binding name="remoting" interface="management" port="4447"/>
<socket-binding name="txn-recovery-environment" port="4712"/>
<socket-binding name="txn-status-manager" port="4713"/>
<outbound-socket-binding name="mail-smtp">
<remote-destination host="${jboss.mail.server.host:localhost}" port="${jboss.mail.server.port:25}"/>
</outbound-socket-binding>
</socket-binding-group>
...
I don't know what to do next. What's wrong?
I don't know what to do next. What's wrong?
Greetings from Stefan
Harald Pehl
Feb 14, 2024, 2:47:08 AM2/14/24
to WildFly
Your configuration looks ok to me. I have a few questions:
- Do you know if it works w/o the proxy server?
- Have you followed the steps in https://hal.github.io/documentation/get-started/#standalone-mode
// Harald
Stefan Harbich
Feb 14, 2024, 3:38:26 AM2/14/24
to WildFly
I don't know how to check access without a proxy server. There is no browser running on my Debian server. Here is my Nginx configuration.
...
root@dsme01:~# cat /etc/nginx/sites-available/wildfly.conf
server {
listen wildfly.intern.example.com:80;
server_name wildfly.intern.example.com;
return 301 https://$host$request_uri;
}
server {
ssl_certificate /etc/ssl/certs/wildfly.intern.example.com.crt;
ssl_certificate_key /etc/ssl/private/wildfly.intern.example.com.key;
ssl_dhparam /etc/ssl/certs/dhparams.pem;
listen wildfly.intern.example.com:443 ssl;
location / {
proxy_pass http://127.0.0.1:8090;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header SSL_CHIPER $ssl_session_id;
proxy_set_header SSL_SESSION_ID $ssl_session_id;
proxy_set_header SSL_CLIENT_CERT $ssl_client_cert;
}
location /console {
proxy_pass http://127.0.0.1:9990;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header SSL_CHIPER $ssl_session_id;
proxy_set_header SSL_SESSION_ID $ssl_session_id;
proxy_set_header SSL_CLIENT_CERT $ssl_client_cert;
}
error_log /var/log/nginx/error.log;
access_log /var/log/nginx/access.log;
}
...
I checked the standalone mode settings. All are set.
...
root@dsme01:~# cat /etc/nginx/sites-available/wildfly.conf
server {
listen wildfly.intern.example.com:80;
server_name wildfly.intern.example.com;
return 301 https://$host$request_uri;
}
server {
ssl_certificate /etc/ssl/certs/wildfly.intern.example.com.crt;
ssl_certificate_key /etc/ssl/private/wildfly.intern.example.com.key;
ssl_dhparam /etc/ssl/certs/dhparams.pem;
listen wildfly.intern.example.com:443 ssl;
location / {
proxy_pass http://127.0.0.1:8090;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header SSL_CHIPER $ssl_session_id;
proxy_set_header SSL_SESSION_ID $ssl_session_id;
proxy_set_header SSL_CLIENT_CERT $ssl_client_cert;
}
location /console {
proxy_pass http://127.0.0.1:9990;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header SSL_CHIPER $ssl_session_id;
proxy_set_header SSL_SESSION_ID $ssl_session_id;
proxy_set_header SSL_CLIENT_CERT $ssl_client_cert;
}
error_log /var/log/nginx/error.log;
access_log /var/log/nginx/access.log;
}
...
I checked the standalone mode settings. All are set.
Stefan Harbich
Feb 14, 2024, 7:29:45 AM2/14/24
to WildFly
Hello, the error was an incorrect configuration in the Nginx proxy configuration. These adjustments helped:
... location /console {
proxy_set_header Host 127.0.0.1:9990;
proxy_set_header Origin http://127.0.0.1:9990;
proxy_pass http://127.0.0.1:9990/console;
}
location /management {
proxy_set_header Host 127.0.0.1:9990;
proxy_set_header Origin http://127.0.0.1:9990;
proxy_pass http://127.0.0.1:9990/management;
}
proxy_set_header Host 127.0.0.1:9990;
proxy_set_header Origin http://127.0.0.1:9990;
proxy_pass http://127.0.0.1:9990/console;
}
location /management {
proxy_set_header Host 127.0.0.1:9990;
proxy_set_header Origin http://127.0.0.1:9990;
proxy_pass http://127.0.0.1:9990/management;
}
...
Greetings from Stefan Harbich
Greetings from Stefan Harbich
Harald Pehl
Feb 14, 2024, 7:48:13 AM2/14/24
to WildFly
Great, you figured it out.
Reply all
Reply to author
Forward
0 new messages