tracker issue : CF-3745645

select a category, or use search below
(searches all categories and all time range)
Title:

CF11 should expose AJP Port, Change at Install,

| View in Tracker

Status/Resolution/Reason: To Fix//

Reporter/Name(from Bugbase): Mike Collins / Mike Collins (Mike Collins)

Created: 04/18/2014

Components: Installation/Config

Versions: 11.0

Failure Type: Enhancement Request

Found In Build/Fixed In Build: PublicBeta /

Priority/Frequency: Minor / Some users will encounter

Locale/System: ALL / Win 2008 Server R2

Vote Count: 0

I just updated my server with the beta release and I did not uninstall my prerelease version to make sure I could remember dsn's I need to carry over etc.

When I installed the beta I choose to use the internal web server since my prerelease was already on iis, and I was going to do it later.

I restarted after the install.  and the Beta service started and the prerelease did not.

Anyway, what ends up happening is that IIS will send requests to the beta install because the IIS handlers mappings will still apply but the AJP port will be the beta install and not the prerelease install.
If you look at IIS Handler mappings you see they are still pointed at the prerelease install, however, all it does is proxy requests to the beta install.

My scenario, is one way AJP ports can get criss crossed.  I am thinking that a Server Admins will do something similar and not realize anything about the AJP port and how it is tied to IIS.  So if this was a Prod server it could be caught, or depending on the configuration, in some scenarios it might not be caught immediately and it create a mess.

Potential Solution
1. Have the install expose the AJP ports and inform the installer not to use any ports in use by IIS, Apache. It would be nice to se
2. Don't bind to the Connector AJP port until a connector is actually defined.
3.  Allow the wsconfig to change \ turn on \ port and restart server.
4.  The connector setup could be decoupled to be managed separately and add more request routing options.  The wsconfig could manage all servers across versions and web sites.  It could also use rules to route requests.

The port is defined on each server  in the ../cfusion/runtime/conf/server.xml file.

----------------------------- Additional Watson Details -----------------------------

Watson Bug ID:	3745645

External Customer Info:
External Company:  
External Customer Name: mcollins323
External Customer Email:  
External Test Config: My Hardware and Environment details:

Attachments:

Comments:

Mike, You cannot have a second installation of the same version of ColdFusion, in a stand-alone mode, on the same machine. So I don't see how this port conflict situation can arise. Given this, do you think there would still be a point to this enhancement request?
Comment by Piyush K.
12612 | April 21, 2014 08:59:08 AM GMT
I would add: - The install should than know another installation is present - I was able to get it to get 2 full installs working by changing a couple ports in the server.xml. In a migration scenario I could see this. - Either way why would you open a port if I chose to not install the connector. Only an advanced admin would know it was open. I believe the port is only bound to 127.0.0.1 but it could be a security issue as well. Customer might want to reverse proxy to 127.0.0.1:8500 and not use the 8014 AJP port as an example. - If someone is doing war deploys or doing some custom deployments, copying servers directories from one server to another, I just think it would be good to expose defined and open connector ports for each instance of CF.
Comment by External U.
12613 | April 21, 2014 09:37:12 AM GMT
One more addition: - If a customer was using port 8014 AJP for CF10 as they are migrating to CF11 you could then have an issue. The admin might restart the server, and depending on what service grabs 8014 it will get the CF requests. CF10 starts with 8012 as the default and adds 1 for every server instance - so if you created 2 instances you will have a conflict. Is this conflict handled somehow during install? It would be good to know either way, since we will soon have people with CF10 and 11 on the same servers. I just checked my laptop where I have CF10 with 3 server instances and one was 8014 (not sure it was running at install). CF11 still installed with 8014.
Comment by External U.
12614 | April 21, 2014 01:17:08 PM GMT