users@glassfish.java.net

Glassfish on Windows Server 2008 will not accept incoming requests - SOLVED

From: <glassfish_at_javadesktop.org>
Date: Fri, 17 Jul 2009 23:17:55 PDT

...Jeanfrancois Arcand was 99% correct; I figured out the rest, and am reporting back.

Allowing Glassfish through the more complex Windows Server 2008 Firewall is harder than previous windows server OS's. Here's why:

- You *must* write custom rules to allow stuff through, instead of just setting a program to be allowed thru

- Especially for service apps (daemons in the non-windows world), you must write both inbound *and* outbound rules.

However, in this OS it's best to write a program rule rather than a port rule, because it's simpler. And because the Windows Server 2008 firewall dynamically opens and closes only the ports the app needs anyway, it's just as secure as opening specific ports.

Another thing I found using a port monitor was that it's not the appserv-whatever EXE that has to be allowed through, it's *java.exe* that has to be allowed through.

So, I deleted everything that I had tried and wrote an inbound and outbound rule, for the java runtime that Glassfish was using (JAVA.EXE). This finally opened up the server to PCs on the LAN. Then, I just configured our gateway a little differently, and now the server is visible on the public 'net as well.

Merci, Jeanfrancois :)

Ideally, tho, this is still just a workaround for what I REALLY want to do. This workaround opens up two ports to the public internet, something I feel nervous doing. What I'd like to do is, have only one port open to the public 'net (the IIS port), but whenever IIS gets a request for a JSP, it knows to forward it to Glassfish, which processes it then spits it back to IIS, and then IIS outputs it thru its port.

I've tried to configure the load balancer for Windows Server 2008, but none of the instructions I've found so far are complete enough for it to work. Also, I read that if the Load Balancer and Glassfish are configured for clustering, then autodeploy is disabled, something I don't want to do.

Oh well, the search continues.....

Cheers, Pudnik
[Message sent by forum member 'pudnik' (pudnik)]

http://forums.java.net/jive/thread.jspa?messageID=356374
© Oracle | By contributing to this project, you are agreeing to the terms of use described here.