org.mortbay.setuid
Class SetUIDServer
java.lang.Object
org.mortbay.component.AbstractLifeCycle
org.mortbay.jetty.handler.AbstractHandler
org.mortbay.jetty.handler.AbstractHandlerContainer
org.mortbay.jetty.handler.HandlerWrapper
org.mortbay.jetty.Server
org.mortbay.setuid.SetUIDServer
- All Implemented Interfaces:
- LifeCycle, Handler, HandlerContainer, Attributes
public class SetUIDServer
- extends Server
This extension of Server
will make a JNI call to set the unix UID.
This can be used to start the server as root so that privileged ports may
be accessed and then switch to a non-root user for security.
Depending on the value of setStartServerAsPrivileged(boolean)
, either the
server will be started and then the UID set; or the Server.getConnectors()
will be
opened with a call to Connector.open()
, the UID set and then the server is started.
The later is the default and avoids any webapplication code being run as a privileged user,
but will not work if the application code also needs to open privileged ports.
The configured umask is set before the server is started and the configured
uid is set after the server is started.
- Author:
- gregw
Methods inherited from class org.mortbay.jetty.Server |
addConnector, addHandler, addLifeCycle, addUserRealm, clearAttributes, doStop, getAttribute, getAttributeNames, getConnectors, getContainer, getGracefulShutdown, getHandlers, getSendDateHeader, getSendServerVersion, getSessionIdManager, getStopAtShutdown, getThreadPool, getUserRealms, getVersion, handle, join, removeAttribute, removeConnector, removeHandler, removeLifeCycle, removeUserRealm, setAttribute, setConnectors, setGracefulShutdown, setHandlers, setSendDateHeader, setSendServerVersion, setSessionIdManager, setStopAtShutdown, setThreadPool, setUserRealms |
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait |
SetUIDServer
public SetUIDServer()
setUsername
public void setUsername(java.lang.String username)
getUsername
public java.lang.String getUsername()
setGroupname
public void setGroupname(java.lang.String groupname)
getGroupname
public java.lang.String getGroupname()
getUmask
public int getUmask()
setUmask
public void setUmask(int umask)
getUid
public int getUid()
setUid
public void setUid(int uid)
setGid
public void setGid(int gid)
getGid
public int getGid()
setRLimitNoFiles
public void setRLimitNoFiles(RLimit rlimit)
getRLimitNoFiles
public RLimit getRLimitNoFiles()
doStart
protected void doStart()
throws java.lang.Exception
- Overrides:
doStart
in class Server
- Throws:
java.lang.Exception
isStartServerAsPrivileged
public boolean isStartServerAsPrivileged()
- Returns:
- the startServerAsPrivileged
setStartServerAsPrivileged
public void setStartServerAsPrivileged(boolean startContextsAsPrivileged)
- Parameters:
startServerAsPrivileged
- if true, the server is started and then the process UID is switched. If false, the connectors are opened, the UID is switched and then the server is started.- See Also:
Connector#open()}
Copyright © 1995-2010 Mort Bay Consulting. All Rights Reserved.