How to create a Tomcat unproxied connector (backdoor)

プラットフォームについて: Server と Data Center のみ - この記事は、サーバーおよびデータセンター プラットフォームのアトラシアン製品にのみ適用されます。

概要

When needing to access specific nodes in a Jira DC Cluster, it is necessary to have a separate Tomcat connector, without using the LB as proxy for access.

Example scenario

Jira

  • Proxied address: https://jira.mycompany.com/
  • Unproxied address: http://192.168.100.100:8081/

前提条件

You must be able to browse to the application via the unproxied URL. Some network configurations may allow communication between the two servers, but you must be able to browse to the unproxied addresses for the purpose of creating the application link.

Set up an unproxied HTTP connector in Tomcat


リバース プロキシまたは SSL 設定をバイパスするには、Tomcat に追加の HTTP コネクタを導入します。以下は、Atlassian 製品間で Tomcat を使用するための最小限の HTTP コネクタです。

<Connector port="8081" connectionTimeout="20000" maxThreads="200" minSpareThreads="10"
    enableLookups="false" acceptCount="10" URIEncoding="UTF-8" relaxedPathChars="[]|" relaxedQueryChars="[]|{}^\`&quot;&lt;&gt;" />

To make use of this, edit the server.xml file for the application in question. The connector must be added inside the Service element. You will also need to restart the application to take effect.

You should adjust the value of the port attribute in the new connector. Ensure to use a port that isn't already used by any application on the same physical machine. For example, if you have JIRA listening for incoming connections on port 8080 (which is in turn connected to a reverse proxy), you should change your new connector to something else, such as 8081.

If web.xml has been edited as per our documentation to redirect to SSL, the following lines will need to be removed:For more information, please see this Jira specific KB article.

Note for SSO bypass

The SSO configuration may need to be bypassed in order to log in to the node directly without redirection to SSO URL.  See this page for instructions:

Bypass SAML authentication for Jira Data Center


説明

When testing for use cases, it may be necessary to connect to a specific node, without disrupting normal usage for your instances.

製品Jira, Confluence, Bitbucket, Bamboo, Fisheye
プラットフォームServer, Data Center
最終更新日 2021 年 9 月 21 日

この内容はお役に立ちましたか?

はい
いいえ
この記事についてのフィードバックを送信する
Powered by Confluence and Scroll Viewport.