Chapter 11 Security Configuration Tasks
A listener is an EAServer port that communicates to clients using various protocols. For protocols that use SSL security features (HTTPS and IIOPS), you assign a security profile to the listener. The profile defines security characteristics of the listener. For protocols that do not use SSL (HTTP, IIOP, and TDS), no security profile is required.
This section describes the tasks required to configure listeners. You can:
EAServer comes with preconfigured listeners for all protocols. Secure protocols are assigned a predefined security profile.
The default settings for the preconfigured listeners are described in Table 11-4. Only secure listeners use security profiles.
Listener name | Port | Security profile |
---|---|---|
http | 8080 | |
https1 | 8081 | sample1 |
https2 | 8082 | sample2 |
iiop | 9000 | |
iiops1 | 9001 | sample1 |
iiops2 | 9002 | sample2 |
tds | 7878 | |
OpenServer | 7979 |
The default host for these listeners is "localhost." Sybase recommends that after you install EAServer, you log in to Jaguar Manager and change the default host setting to the actual host name or IP address of your machine. If you do not, only connection requests originating from the EAServer host machine are accepted. This means that, until you modify your settings, Jaguar Manager must also be on the same machine as the server. You can also modify port number settings for the preconfigured listeners. For more information, see "Configuring listeners".
The OpenServer listener is intended for migrating existing Open Server applications to EAServer. See the EAServer Programmer's Guide for more information.
You must restart EAServer for your changes to take effect. If you have changed the server's host name and port number, you must also restart Jaguar Manager and reconnect to the server using the new host name and port number.
If a server cannot retrieve listener information from the repository for an IIOP listener or if an IIOP listener has not been configured, the server attempts to open a listener at this address:
IIOP: localhost, 9000
Listener start-up can fail if a port is already in use. You can verify the listener addresses in use by viewing the initial log entries in the srv.log file. If the log messages indicate a listener configuration problem, use Jaguar Manager to connect to the indicated IIOP address and reconfigure the server's listener properties.
This section describes how to create, modify, and delete a listener. All of the configuration tasks require you to first access the Listeners folder from Jaguar Manager:
Creating a new listener
The new listener appears on the right side of the window when you highlight the Listeners folder.
Modifying an existing listener
Deleting a listener
Property | Description | Comments/example |
---|---|---|
Protocol | Select the protocol from
the drop-down list:
|
HTTPS and IIOPS are secure protocols
that provide all of the security features made available by SSL,
including authentication and encryption.
TDS, IIOP, and HTTP do not provide encryption. TDS and IIOP provide user name and password-based authentication. |
Host | The name or IP address of the EAServer host to which the listener is being assigned. | For predefined listeners, change the
initial setting from "localhost" to the actual
machine name or IP address. This allows clients from other machines
access to EAServer.
Sybase recommends that you provide the IP address of the host instead of the host name. In certain cases, a client may not be able to resolve a host name; for example, the client's DNS server or hosts file may not have an entry for the specified host. |
Port | The port number on the host to which the listener is assigned. | Make sure that the port is not in use by any other service. |
Jaguar Security Profile | Select one of the preconfigured security profiles from the drop-down list. This field is enabled for only the secure protocols (HTTPS or IIOPS). | You can create new security profiles that can be assigned to a listener. See "Configuring security profiles" for information on security profiles. |
Enable Open Server Events | When selected, the TDS port accepts open server client connections, if not, only MASP requests are accepted. | You must use TDS as the protocol for Open Server events. |
Copyright © 2002 Sybase, Inc. All rights reserved. |