Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Celebration

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root

Avatar

1 badge earned

Collect

Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!

Challenges
Coins

Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.

Recognition
Ribbon

Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!

Leaderboard

Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
4,458,747
Community Members
 
Community Events
176
Community Groups

Crowd firewall configuration RHEL 7.4

Hi,

I would like to know more about firewall configuration for crowd in RHEL 7.4. 

I have added the 8095 with firewall-cmd and semanage commands, but still can't access to crowd through web browser.

What could be wrong? How to check if crowd is running? 

Thanks.

1 answer

1 accepted

2 votes
Answer accepted

Hi @Bob B

You should run a simple netstat to check whether port 8095 is actually listening

$ netstat -an | grep 8095

You should also check what you've got in <crowd.install.directory>/apache-tomcat/logs/catalina.out. When Crowd has successfully started, you should get the following INFO log message:

2018-02-26 09:46:40,077 localhost-startStop-1 INFO [com.atlassian.crowd.startup] Starting Crowd Server, Version: 3.1.2 (Build:#891 - 2018-01-19)

*********************************************************************************************
*
* You can now use the Crowd server by visiting http://localhost:8095/crowd
*
*********************************************************************************************

Did you reload the firewall service after you added the new rule?

$ sudo firewall-cmd --reload

Thanks.

netstat -an | grep 8095
tcp6 0 0 :::8095 :::* LISTEN

the log says x.x.x.8095/opeidserver

does it mean i've installed wrong server?

EDIT:

and x.x.x.8095/opeidserver still refused to connect ... Ihave Jira core server  installed on same computer and Jira core is working fine...

The OpenID server is bundled in the default Crowd installation package. The first server to be started is Crowd Server then OpenID server. So, it's just fine that you see that the OpenID server is started, it does not mean that the Crowd server is not. Check the catalina.out file, a few lines before the log about the OpenID server you should see the same info about the Crowd server.

On your Crowd server, do you get 8095/tcp in the results of the following command? 

$ sudo firewall-cmd --list-ports

On a remote Linux machine, what do you get with a simple TCP connection to your Crowd server?

$ nc -vz <CROWD_SERVER_IP> 8095 

BTW I've noticed that the output of your netstat command is "tcp6" which means IPv6. Are you really trying to connect to an IPv6 address? If your Crowd server FQDN was bound to an IPv4 address I think you would see "tcp" or "tcp46" as a result of the netstat command.

If you want to force Crowd to use IPv4, add the -Djava.net.preferIPv4Stack=true option in apache-tomcat/bin/setenv.sh

JAVA_OPTS="-Xms128m -Xmx512m -Dfile.encoding=UTF-8 -Djava.net.preferIPv4Stack=true $JAVA_OPTS"

Thank you @Bruno Vincent. Turns out the port was disabled in network level... I had to change the default port to 80 (since i don't have network admin access) to make it run...

Suggest an answer

Log in or Sign up to answer
TAGS

Atlassian Community Events