Crowd firewall configuration RHEL 7.4

Bob B February 26, 2018

Hi,

I would like to know more about firewall configuration for Crowd in RHEL 7.4.

I have added 8095 with the firewall-cmd and semanage commands, but I still can't access Crowd through a web browser.

What could be wrong? How do I check if Crowd is running?

Thanks.

Answer accepted
Bruno Vincent
Rising Star
February 26, 2018

Hi @Bob B

You should run a simple netstat to check whether port 8095 is actually listening:

$ netstat -an | grep 8095

You should also check what you've got in <crowd.install.directory>/apache-tomcat/logs/catalina.out. When Crowd has successfully started, you should get the following INFO log message:

2018-02-26 09:46:40,077 localhost-startStop-1 INFO [com.atlassian.crowd.startup] Starting Crowd Server, Version: 3.1.2 (Build:#891 - 2018-01-19)

*********************************************************************************************
*
* You can now use the Crowd server by visiting http://localhost:8095/crowd
*
*********************************************************************************************

Did you reload the firewall service after you added the new rule?

$ sudo firewall-cmd --reload

Bob B February 26, 2018

Thanks.

netstat -an | grep 8095
tcp6 0 0 :::8095 :::* LISTEN

The log says x.x.x.8095/openidserver

Does it mean I've installed the wrong server?

EDIT:

And x.x.x.8095/openidserver still refused to connect... I have Jira Core server installed on the same computer and Jira Core is working fine...

Bruno Vincent
February 26, 2018

The OpenID server is bundled in the default Crowd installation package. The first server to be started is Crowd Server then OpenID server. So, it's just fine that you see that the OpenID server is started, it does not mean that the Crowd server is not. Check the catalina.out file, a few lines before the log about the OpenID server you should see the same info about the Crowd server.

On your Crowd server, do you get 8095/tcp in the results of the following command? 

$ sudo firewall-cmd --list-ports

On a remote Linux machine, what do you get with a simple TCP connection to your Crowd server?

$ nc -vz <CROWD_SERVER_IP> 8095

Bruno Vincent
February 26, 2018

BTW I've noticed that the output of your netstat command is "tcp6" which means IPv6. Are you really trying to connect to an IPv6 address? If your Crowd server FQDN was bound to an IPv4 address I think you would see "tcp" or "tcp46" as a result of the netstat command.

If you want to force Crowd to use IPv4, add the -Djava.net.preferIPv4Stack=true option in apache-tomcat/bin/setenv.sh

JAVA_OPTS="-Xms128m -Xmx512m -Dfile.encoding=UTF-8 -Djava.net.preferIPv4Stack=true $JAVA_OPTS"

Bob B February 27, 2018

Thank you @Bruno Vincent. Turns out the port was disabled at the network level... I had to change the default port to 80 (since I don't have network admin access) to make it run...
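
The checks suggested across this thread (listener, firewalld port list, remote TCP probe) combined into one triage helper. This is an added example, not part of any poster's reply; the function names and sample data are constructed, and it assumes Linux `netstat -an` output and the space-separated format of `firewall-cmd --list-ports`.

```shell
#!/usr/bin/env bash
# Added example: localise a "port opened but browser cannot connect" fault.
# Function names and sample data are constructed; live inputs come from the
# thread's commands: netstat -an, firewall-cmd --list-ports, nc -vz <ip> 8095.

# listener_scope PORT < netstat-output   -> none | loopback | external
# A "::" wildcard (tcp6 :::8095) counts as external; on Linux it normally
# accepts IPv4 clients as well unless net.ipv6.bindv6only=1.
listener_scope() {
  awk -v p="$1" '
    /LISTEN/ {
      for (i = 1; i <= NF; i++) if ($i ~ (":" p "$")) {   # local addr ends in :PORT
        a = $i; sub(":" p "$", "", a)
        if (a == "127.0.0.1" || a == "::1" || a == "[::1]") lo = 1
        else ext = 1
        break
      }
    }
    END { print (ext ? "external" : (lo ? "loopback" : "none")) }'
}

# port_allowed PORT PROTO "PORT_LIST"  (text of firewall-cmd --list-ports)
# Handles single ports and ranges; ports opened via services or rich rules are not covered.
port_allowed() {
  for e in $3; do
    [ "${e#*/}" = "$2" ] || continue
    r=${e%/*}; lo=${r%-*}; hi=${r#*-}
    [ "$1" -ge "$lo" ] && [ "$1" -le "$hi" ] && return 0
  done
  return 1
}

# diagnose PORT NETSTAT_TEXT FIREWALLD_PORTS REMOTE_PROBE(yes|no) -> "layer: reason"
diagnose() {
  scope=$(printf '%s\n' "$2" | listener_scope "$1")
  case $scope in
    none)     echo "service: nothing listens on $1, read catalina.out"; return ;;
    loopback) echo "bind: $1 listens on loopback only"; return ;;
  esac
  port_allowed "$1" tcp "$3" || { echo "host-firewall: $1/tcp not in firewalld ports"; return; }
  [ "$4" = yes ] || { echo "network: host is ready, $1 is dropped before it reaches the server"; return; }
  echo "ok: TCP path to $1 works"
}

# Constructed sample matching the thread: listening, firewalld open, remote nc fails.
SAMPLE_NETSTAT='tcp6       0      0 :::8095       :::*       LISTEN'
diagnose 8095 "$SAMPLE_NETSTAT" "8095/tcp" no
```

The last argument is the result of running `nc -vz <CROWD_SERVER_IP> 8095` from a remote machine; a "network" verdict means the host-side checks passed and the block sits between client and server.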
