Resin administration

From Resin 3.0

(Difference between revisions)
Jump to: navigation, search
(New page: Category: Cookbook Category: Admin Resin's administration page /resin-admin should generally be enabled for all Resin servers. For security, it's best to have /resin-admin availab...)
 
Line 8: Line 8:
 
       xmlns:resin="urn:java:com.caucho.resin">
 
       xmlns:resin="urn:java:com.caucho.resin">
 
    
 
    
 +
  <resin:AdminAuthenticator>
 +
    <resin:import path="${__DIR__}/admin-users.xml" optional="true"/>
 +
  </resin:AdminAuthenticator>
 +
 
   <cluster id="">
 
   <cluster id="">
 
     <resin:import path="${__DIR__}/app-default.xml"/>
 
     <resin:import path="${__DIR__}/app-default.xml"/>
Line 37: Line 41:
 
   </resin>
 
   </resin>
  
 +
* /resin-admin login is enabled with the AdminAuthenticator
 +
* The admin users are configured in ${resin.home}/admin-users.xml
 
* The server listens to HTTP ports 80 and 8071
 
* The server listens to HTTP ports 80 and 8071
 
* The server runs as the "resin" user instead of root
 
* The server runs as the "resin" user instead of root

Revision as of 15:32, 2 October 2010


Resin's administration page /resin-admin should generally be enabled for all Resin servers. For security, it's best to have /resin-admin available on a dedicated virtual host, a separate TCP port, so your admin will be protected by your firewall.

resin.xml for /resin-admin on port 8091

<resin xmlns="http://caucho.com/ns/resin"
     xmlns:resin="urn:java:com.caucho.resin">
 
  <resin:AdminAuthenticator>
    <resin:import path="${__DIR__}/admin-users.xml" optional="true"/>
  </resin:AdminAuthenticator>

  <cluster id="">
    <resin:import path="${__DIR__}/app-default.xml"/>

    <server-default>
      <http port="80"/>
      <http port="8091"/>
      <user-name>resin</user-name>
      <group-name>resin</group-name>
    </server-default>

    <server id="a" address="192.168.1.10" port"6800"/>

    <host id=""> 
      <web-app-deploy path="webapps"/>
    </host>

    <host id=":8091">

      <web-app id="/resin-admin" root-directory="${resin.root}/doc/admin">
        <prologue>
          <resin:set var="resin_admin_external" value="false"/>
          <resin:set var="resin_admin_insecure" value="true"/>
        </prologue>
      </web-app>

     </host>
   </cluster>
 </resin>
  • /resin-admin login is enabled with the AdminAuthenticator
  • The admin users are configured in ${resin.home}/admin-users.xml
  • The server listens to HTTP ports 80 and 8071
  • The server runs as the "resin" user instead of root
  • Applications are deployed to /var/www/webapps
  • The web-apps are served through the default virtual host
  • The resin-admin is served through the ":8091" virtual host
  • The /resin-admin web-app is in ${resin.root}/doc/admin
  • We've enabled non-localhost and non-SSL access to /resin-admin
Personal tools