Controlling the ports used by the webserver configuration utility

The wsconfig utility that installs the webserver connector for ColdFusion MX tries to establish TCP connections to the JRun server on two ports for the installation process, the JNDI port and the RMI port. Here's how to control both.

First it will scan the port range 2900 - 3000 to find out whats listening, then it will begin to connect to each active port discovered in that range starting at 2900. The target port is referred to as the JNDI port that the JRun server listens on. A server's JNDI port is defined in jndi.properties such as with the following setting
java.naming.provider.url=localhost:2920

Second, upon successful communication with the JRun server on the JNDI port, the JRun server will instruct wsconfig to complete the second half of the communication on the RMI port. By default, this is a high *random* port. So this is where most Linux folks running a firewall go wrong. They allow for the JNDI port but don't know about the high random port for RMI.

This two part process is described in more detail in my blog post Tracing wsconfig with Ethereal Network Analyzer.

[More]

Regarding File Permissions on CFML Source Files

Ok, final post for today. This one is also a follow up to a demonstration made by the instructor in my DB Design class that was intended to stress the importance of users setting Read permission on for Other on a common Linux server used by the class. Reposting here for benefit of those not on the internal class forum.

--

In last night's class Maria demonstrated the importance of having the read bit turned on for Other for your ColdFusion cfm files.

Initially she removed the read bit for Other and then refreshed the browser while expecting to demonstrate an error that she wants to protect you from. Instead the page worked as normal? So what happened?

[More]

How ColdFusion Receives and Processes Requests.

Here's another post I made to the internal forum for my class on Database Design where I describe how requests are handled by ColdFusion and how the webserver connector works in general. Reposting here in case anyone finds it useful.

--

A question was asked in yesterday's class regarding the difference between making requests to the Apache port versus the ColdFusion port.

Effectively, the answer is that there is no difference for the purpose of this class.

ColdFusion MX has a built-in webserver that can be used in lieu of an external, production-quality webserver like Apache, Iplanet, or IIS. The default for this built-in webserver is port 8500, 8501, or 8300 depending on the type of installation and CF version, and that port is configurable.

[More]

Renderings of Concord Center and the Hartwell House

Photo gallery from an early morning in Concord including Concord Center, the Unitarian Church, The Colonial Inn, and the Hartwell House in nearby Lexington. These are renderings of Concord taken with a Canon EOS D20 and enhanced with Adobe Photoshop CS 2 to give them a hand drawn ink and watercolor feeling.

I'm still learning about printing techniques, but I've already learned how to upscale photos so that I can make larger prints without significantly reducing image quality. Just for fun, I ordered the first rendering of Concord Center in a 20" x 30" size from Shutterfly. The upscaling and posterizing enhancments caused the filesize to increase from about 11MB to 61MB, and Flickr won't accept files that large, so I had to use Shutterfly. Photos of that size are done in matte paper only, although it looked more like semi-gloss to me. Aside from the glossyish paper, the photo came out great at that size. I'd like to do a custom print on watercolor paper on a professional printer and then matte and frame it for my home.

These photos were taken during a 1 day workshop of personal instruction from Bill Claybrook of New River Photography. It was just Bill and I, so the workshop was definitely worth it just for the personal attention alone. Bill and I made our paces through Concord Center on a Saturday morning, and then at the Hartwell House on Battle Road on the way to Lexington. Then we spent a few hours at Bill's house where he showed me his techniques for printing, and then we went back on the road for more photography at the Shaker Village in Harvard, MA. Oddly, Bill's primary occupation is a Linux industry analyst and currently works for Novell, maker of Suse Linux. His articles can be found on the web including at Linux World Magazine on Sys-Con.com.

www.flickr.com


My other photo galleries of Concord, MA:
- Autumn in Concord, MA
- Snow Storm in Concord, MA
- Concord on Forth of July

ColdFusion MX 7.01 installation on RHEL4 - Warning: C++ compatibility pack

With support for Red Hat Enterprise Linux 4 introduced by ColdFusion MX 7.01, a C++ compatibility pack warning may be erroneously presented during ColdFusion installation. The ColdFusion MX installation script uses the command rpm --query compat-libstdc++ to ascertain if the C++ compatibility pack is installed on the system. The actual RPM package name is not compat-libstdc++ so the rpm command does not return a successful result and the CFMX installation script produces warning.

To more accurately determine the status of a C++ compatibility pack on the system, the ColdFusion MX installation script should either query all packages and use the grep command as a filter or query the exact package name. For example, the command rpm -qa | grep compat-libstdc++ queries all packages and filters or greps on the string compat-libstdc++. On my RHEL4 system, this command produced two results, compat-libstdc++-33-3.2.3-47.3 and compat-libstdc++-296-2.96-132.7.2.

[More]

Working with SELinux and ColdFusion MX in Red Hat Linux 4

Support for Red Hat Enterprise Linux 4 is introduced with the release of ColdFusion MX 7.01. This presents a new security challenge to System Administrators configuring ColdFusion MX for Apache since the SELinux functionality is ACTIVE by default starting with RHEL4. SELinux, or Security Enhanced Linux, is a software product developed by the National Security Agency and has become a standard in Red Hat Linux distributions including RHEL and Fedora Core Linux (FC remains unsupported by CFMX). The most notable problem arises when attempting to configure the webserver to run the ColdFusion connector stub. This problem and a recommended solution are described further below, but first I'll quote from two references regarding the nature of SELinux.

[More]

Installation and configuration of CFMX 7.01 on RHEL 4 with Apache and MySQL

This meeting of the Online ColdFusion Meetup Group has been recorded and is available for viewing here:

http://adobe.breezecentral.com/p15449246/
The subject of this meeting was installing ColdFusion MX 7.01 server application on Red Hat Enterprise Linux 4, configuring it for the Apache webserver, and connecting to and using the MySQL 4.1 database. I tried to cover everything you need to know to get started while demonstrating the range of problems that some users encounter and then showing the solutions.

The topic list includes:

  • Installing ColdFusion MX 7.01 Server Configuration
  • Usage of Red Hat System V "boot scripts" with the service command.
  • Identifying and fixing CFMX problems due to missing X libraries
  • Identifying and fixing SELinux security context problems the right way. Security Enhanced Linux is now ACTIVE by default in Red Hat 4 and Fedora Core 4
  • Configuring Apache webserver and adding the CFMX connector module to the same SELinux security context as Apache.
  • MySQL 4.1 commandline usage to create databases and assign users in a secure manner
  • Configuration of JDBC driver for CFMX to connect to MySQL 4.1 (rather than 3.2x)
  • Demonstration of Linux user and group management for web application development


  • Installation of the CFEclipse plugin, a free and alternative IDE to develop ColdFusion applications while working on Linux or Mac OS X workstations, rather than using Homesite or Dreamweaver.

After watching the recording you'll be able to set this up for yourself at home all for free. Apache, MySQL, and Eclipse/CFEclipse are free products for home use, and rather than using Red Hat Enterprise Linux you can use its little brother Fedora Linux instead.

[More]

Finding out what package provides an unsatisified link

Here's a quick tip for Linux users... Should you find a missing dependency on the system, be it while running ColdFusion or any other software, you can query the system to find out what package should provide the missing library, and then find and install that package.

As an example, if the legacy X development packages aren't installed then you might find ColdFusion reporting an error about the Graphing Service. Inspecting the ColdFusion logs its revealed that there's a missing link in one of the Java AWT libraries:

Error [main] - Unable to initialize Graphing service: java.lang.UnsatisfiedLinkError: /opt/coldfusionmx7/runtime/jre/lib/i386/libawt.so: libXp.so.6:

[More]

ColdFusion MX 7.01 Just Released

In these last 10 minutes the CFMX Updates page on Macromedia.com was modified to include the lastest revision of ColdFusion MX, 7.01. This free update for CFMX 7 provides support for Network Deploy on WebSphere, support for Oracle 10g, support for Red Hat Enterprise Linux 4 and Suse 9 Enterprise Linux, a Mac OS X clickable and user friendly installation GUI for the familiar Server Configuration of ColdFusion MX, as well as a bundle of bug fixes.

Check out more here:

* Welcome to Merrimack: An Even Better ColdFusion MX 7 DevNet article
* FAQ about the ColdFusion MX 7 Updater (7.0.1)
* Downloads page for ColdFusion MX 7.01
* Screenshots of CFMX 7.01 installation on Mac OS X
* ColdFusion MX 7 Updater Release Notes

The System Requirements page is still pointing to the CFMX 7.0 version, so hopefully that will get updated soon.

[steven@macromedia /work]$ shutdown -h +360 'Going on sabbatical. Please log off'

Like many others at Macromedia, its my turn for a long sabbatical, although I've been eligible for over a year. For the next six weeks, until September 12th, I'll be out of the office. I suspect that this is the first and the last time I'll be able to take such an extended leave.

I plan to spend the first 3 weeks at home, biking, swimming, reading, and blogging. Some of my objectives include reading parts of several technical books including one on Eclipse which has a chapter on building plugins, one on building Dashboard Widgets on Mac OSX, and one on Photoshop CS. I may take some time to read up SELinux, too.

During this last month I've been reading Thomas Friedman's The World is Flat, which I highly recommend, so I hope to finish that up. I think that Friedman's book is complemented by Jared Diamond's Guns, Germs, and Steel, and by Spencer Well's The Journey of Man: A Genetic Odyssey, but best if read (or viewed) starting with Wells and finishing with Friedman. If I find a day to spare, I think I'll finally sit myself down to watch the whole 8 hour series Cosmos, by Carl Sagan.

During the second half of my sabbatical, I'll be in Barcelona, Spain and then in the high Pyrenees. My wife and I were married in a civil ceremony two years ago and now we will be having a formal ceremony in a 12th century church in a small mountain village near the border with France, close to Pico Aneto, the highest mountain in Spain. I used Ray's BlogCFC to create a dual English/Spanish informational website to assist the guests.

If you're not familiar with the region, check this out. Its a small Javascript app that zooms in on Barcelona and the Pyrennes, which I made for those who will be travelling from the US. It's a little slow in MSIE, but great in Firefox. This was before Google Earth came out, so I was trying to provide a way for non-technical people to get their bearings.

shutdown -h +360 "Going on sabbatical. Please log off"
Broadcast message from root (pts/1)
(Fri Jul 29 11:56:35 2005):
Going on sabbatical. Please log off
The system is going DOWN for system halt in 6 hours!

Previous Entries / More Entries