public class SetUIDListener extends Object implements org.eclipse.jetty.util.component.LifeCycle.Listener
This LifeCycleListener may be added to a Server to make a JNI call to set the unix UID.
This can be used to start the server as root so that privileged ports may
be accessed and then switch to a non-root user for security. Depending on
the value of setStartServerAsPrivileged(boolean), either the server
will be started and then the UID set; or the Server.getConnectors()
will be opened, the UID set and then the server is started. The latter is
the default and avoids any web application code being run as a privileged
user, but will not work if the application code also needs to open
privileged ports.
The configured umask is set before the server is started and the configured gid/uid is set after the server is started.
| Constructor and Description |
|---|
SetUIDListener() |
| Modifier and Type | Method and Description |
|---|---|
int |
getGid() |
String |
getGroupname() |
RLimit |
getRLimitNoFiles() |
int |
getUid() |
int |
getUmask() |
String |
getUmaskOctal() |
String |
getUsername() |
boolean |
isStartServerAsPrivileged() |
void |
lifeCycleFailure(org.eclipse.jetty.util.component.LifeCycle server,
Throwable cause) |
void |
lifeCycleStarted(org.eclipse.jetty.util.component.LifeCycle server) |
void |
lifeCycleStarting(org.eclipse.jetty.util.component.LifeCycle lifecycle) |
void |
lifeCycleStopped(org.eclipse.jetty.util.component.LifeCycle arg0) |
void |
lifeCycleStopping(org.eclipse.jetty.util.component.LifeCycle arg0) |
void |
setGid(int gid) |
protected void |
setGidUid() |
void |
setGroupname(String groupname) |
void |
setRLimitNoFiles(RLimit rlimit) |
void |
setStartServerAsPrivileged(boolean startContextsAsPrivileged) |
void |
setUid(int uid) |
void |
setUmask(int umask) |
void |
setUmaskOctal(String umask) |
void |
setUsername(String username) |
public void setUsername(String username)
public String getUsername()
public void setGroupname(String groupname)
public String getGroupname()
public int getUmask()
public String getUmaskOctal()
public void setUmask(int umask)
public void setUmaskOctal(String umask)
public int getUid()
public void setUid(int uid)
public void setGid(int gid)
public int getGid()
public void setRLimitNoFiles(RLimit rlimit)
public RLimit getRLimitNoFiles()
protected void setGidUid()
public void lifeCycleFailure(org.eclipse.jetty.util.component.LifeCycle server,
Throwable cause)
lifeCycleFailure in interface org.eclipse.jetty.util.component.LifeCycle.Listenerpublic void lifeCycleStarted(org.eclipse.jetty.util.component.LifeCycle server)
lifeCycleStarted in interface org.eclipse.jetty.util.component.LifeCycle.Listenerpublic void lifeCycleStarting(org.eclipse.jetty.util.component.LifeCycle lifecycle)
lifeCycleStarting in interface org.eclipse.jetty.util.component.LifeCycle.Listenerpublic void lifeCycleStopped(org.eclipse.jetty.util.component.LifeCycle arg0)
lifeCycleStopped in interface org.eclipse.jetty.util.component.LifeCycle.Listenerpublic void lifeCycleStopping(org.eclipse.jetty.util.component.LifeCycle arg0)
lifeCycleStopping in interface org.eclipse.jetty.util.component.LifeCycle.Listenerpublic boolean isStartServerAsPrivileged()
public void setStartServerAsPrivileged(boolean startContextsAsPrivileged)
startContextsAsPrivileged - if true, the server is started and then the process UID is switched. If false, the connectors are opened, the UID is switched and then the
server is started.Copyright © 1995-2015 Mort Bay Consulting. All Rights Reserved.