Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Securing Jetty

Securing against accidental or malicious termination

You can start Jetty in such a way as to require identification before a termination request is accepted. This can help safeguard against either accidental or malicious terminations.

This involves starting jetty with a STOP.PORT parameter:

Code Block
 java -DSTOP.PORT=8079 -jar start.jar 

The STOP.PORT is the number of a port on which Jetty will listen for termination requests. In this case, the port number is 8079. You can then stop jetty either with a cntrl-c in the controlling terminal window (unless you have disassociated the Jetty process from a terminal), or by supplying this port number on a stop request from any terminal.

You can also supply a secret key on startup which must also be present on the termination request to enhance security:

Code Block
 java -DSTOP.PORT=8079 -DSTOP.KEY=mysecret -jar start.jar 

As a further security measure, you can omit the STOP.KEY property on startup, in which case Jetty will generate and print on stdout a random key:

Code Block
 
> java -DSTOP.PORT=8079 -jar start.jar 
-DSTOP.KEY=3xspihnnsse8

This key should then be supplied on the termination request:

Code Block
 java -DSTOP.PORT=8079 -DSTOP.KEY=3xspihnnsse8 -jar start.jar --stop 
Contact the core Jetty developers at www.webtide.com
private support for your internal/customer projects ... custom extensions and distributions ... versioned snapshots for indefinite support ... scalability guidance for your apps and Ajax/Comet projects ... development services from 1 day to full product delivery