org.mortbay.setuid
Class SetUIDServer

java.lang.Object
  extended by org.mortbay.component.AbstractLifeCycle
      extended by org.mortbay.jetty.handler.AbstractHandler
          extended by org.mortbay.jetty.handler.AbstractHandlerContainer
              extended by org.mortbay.jetty.handler.HandlerWrapper
                  extended by org.mortbay.jetty.Server
                      extended by org.mortbay.setuid.SetUIDServer
All Implemented Interfaces:
LifeCycle, Handler, HandlerContainer, Attributes

public class SetUIDServer
extends Server

This extension of Server will make a JNI call to set the unix UID. This can be used to start the server as root so that privileged ports may be accessed and then switch to a non-root user for security. Depending on the value of setStartServerAsPrivileged(boolean), either the server will be started and then the UID set; or the Server.getConnectors() will be opened with a call to Connector.open(), the UID set and then the server is started. The later is the default and avoids any webapplication code being run as a privileged user, but will not work if the application code also needs to open privileged ports.

The configured umask is set before the server is started and the configured uid is set after the server is started.

Author:
gregw

Nested Class Summary
 
Nested classes/interfaces inherited from class org.mortbay.jetty.Server
Server.Graceful
 
Nested classes/interfaces inherited from interface org.mortbay.component.LifeCycle
LifeCycle.Listener
 
Field Summary
 
Fields inherited from class org.mortbay.jetty.Server
SNAPSHOT_VERSION, UNKNOWN_VERSION
 
Fields inherited from class org.mortbay.jetty.handler.AbstractHandler
_string
 
Fields inherited from class org.mortbay.component.AbstractLifeCycle
_listeners
 
Fields inherited from interface org.mortbay.jetty.Handler
ALL, DEFAULT, ERROR, FORWARD, INCLUDE, REQUEST
 
Constructor Summary
SetUIDServer()
           
 
Method Summary
protected  void doStart()
           
 int getGid()
           
 java.lang.String getGroupname()
           
 RLimit getRLimitNoFiles()
           
 int getUid()
           
 int getUmask()
           
 java.lang.String getUsername()
           
 boolean isStartServerAsPrivileged()
           
 void setGid(int gid)
           
 void setGroupname(java.lang.String groupname)
           
 void setRLimitNoFiles(RLimit rlimit)
           
 void setStartServerAsPrivileged(boolean startContextsAsPrivileged)
           
 void setUid(int uid)
           
 void setUmask(int umask)
           
 void setUsername(java.lang.String username)
           
 
Methods inherited from class org.mortbay.jetty.Server
addConnector, addHandler, addLifeCycle, addUserRealm, clearAttributes, doStop, getAttribute, getAttributeNames, getConnectors, getContainer, getGracefulShutdown, getHandlers, getSendDateHeader, getSendServerVersion, getSessionIdManager, getStopAtShutdown, getThreadPool, getUserRealms, getVersion, handle, join, removeAttribute, removeConnector, removeHandler, removeLifeCycle, removeUserRealm, setAttribute, setConnectors, setGracefulShutdown, setHandlers, setSendDateHeader, setSendServerVersion, setSessionIdManager, setStopAtShutdown, setThreadPool, setUserRealms
 
Methods inherited from class org.mortbay.jetty.handler.HandlerWrapper
expandChildren, getHandler, handle, setHandler, setServer
 
Methods inherited from class org.mortbay.jetty.handler.AbstractHandlerContainer
expandHandler, getChildHandlerByClass, getChildHandlers, getChildHandlersByClass
 
Methods inherited from class org.mortbay.jetty.handler.AbstractHandler
destroy, getServer, toString
 
Methods inherited from class org.mortbay.component.AbstractLifeCycle
addLifeCycleListener, isFailed, isRunning, isStarted, isStarting, isStopped, isStopping, removeLifeCycleListener, start, stop
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
 
Methods inherited from interface org.mortbay.component.LifeCycle
addLifeCycleListener, isFailed, isRunning, isStarted, isStarting, isStopped, isStopping, removeLifeCycleListener, start, stop
 

Constructor Detail

SetUIDServer

public SetUIDServer()
Method Detail

setUsername

public void setUsername(java.lang.String username)

getUsername

public java.lang.String getUsername()

setGroupname

public void setGroupname(java.lang.String groupname)

getGroupname

public java.lang.String getGroupname()

getUmask

public int getUmask()

setUmask

public void setUmask(int umask)

getUid

public int getUid()

setUid

public void setUid(int uid)

setGid

public void setGid(int gid)

getGid

public int getGid()

setRLimitNoFiles

public void setRLimitNoFiles(RLimit rlimit)

getRLimitNoFiles

public RLimit getRLimitNoFiles()

doStart

protected void doStart()
                throws java.lang.Exception
Overrides:
doStart in class Server
Throws:
java.lang.Exception

isStartServerAsPrivileged

public boolean isStartServerAsPrivileged()
Returns:
the startServerAsPrivileged

setStartServerAsPrivileged

public void setStartServerAsPrivileged(boolean startContextsAsPrivileged)
Parameters:
startServerAsPrivileged - if true, the server is started and then the process UID is switched. If false, the connectors are opened, the UID is switched and then the server is started.
See Also:
Connector#open()}


Copyright © 1995-2010 Mort Bay Consulting. All Rights Reserved.