close

Filter

loading table of contents...

Deployment Manual / Version 2412.0

Table Of Contents

3.2.2 CORBA Properties

com.coremedia.corba.client.local-socket
Type Boolean
Default false
Description

Redirect all outgoing connections to localhost.

This is useful for running UAPI clients locally, while forwarding HTTP and CORBA connections to the servers through an SSH tunnel. A typical SSH invocation that allows the use of this socket factory would look like this, forwarding all ports of the Content Management Server and the Workflow Server:

ssh -L 40180:SERVER:40180 -L 40183:SERVER:40183 -L 40380:SERVER:40380 -L 40383:SERVER:40383 HOST

When using this option, you should also activate com.coremedia.corba.server.setNoSocket(boolean) in order to reduce the attack surface of the JVM.

com.coremedia.corba.client.redirect.original-host
Type String
Description

Redirect IIOP invocations to other addresses.

Useful in tunnelling scenarios: imagine a server X on port P running in a network you cannot reach; but you are able to create a tunnel that forwards your address Y:Q to X:P, e.g. you do user@Y % ssh -g -LQ:X:P

Then you can configure your clients by the com.coremedia.corba.client.redirect property group:

  • originalHost: The original server's name (X). If set, only IORs pointing to that server will be redirected.

  • redirectHost: The new server name (Y). If set, this name will be placed in the new target address.

  • originalPort: The original server's port (P). If set, only IORs pointing to that port will be redirected.

  • redirectPort: The new server port (Q). If set, this port will be placed in the new target address.

com.coremedia.corba.client.redirect.original-port
Type Integer
Default -1
Description

Redirect IIOP invocations to other addresses.

For details see com.coremedia.corba.client.redirect.originalHost.

com.coremedia.corba.client.redirect.redirect-host
Type String
Description

Redirect IIOP invocations to other addresses.

For details see com.coremedia.corba.client.redirect.originalHost.

com.coremedia.corba.client.redirect.redirect-port
Type Integer
Default -1
Description

Redirect IIOP invocations to other addresses.

For details see com.coremedia.corba.client.redirect.originalHost.

com.coremedia.corba.client.ssl.clear-text-ports
Type String
Description

The Corba clear text ports

Usually one, maybe two (comma separated) values for Content Server and Workflow Server. In case of multiple values, the order must correspond to the com.coremedia.corba.client.ssl.sslPorts.

com.coremedia.corba.client.ssl.keystore
Type String
Description

The keystore for SSL encrypted communication

com.coremedia.corba.client.ssl.passphrase
Type String
Description

The passphrase for SSL encrypted communication

com.coremedia.corba.client.ssl.ssl-ports
Type String
Description

The Corba SSL text ports

Usually one, maybe two (comma separated) values for Content Server and Workflow Server. In case of multiple values, the order must correspond to the com.coremedia.corba.client.ssl.clearTextPorts.

com.coremedia.corba.server.host
Type String
Description

The host of the ORB.

This hostname is exposed to the client via the IOR. Normally, you do not need to care about this, but in runtime environments with special DNS configurations it may be necessary to set a certain name that the client is able to resolve.

com.coremedia.corba.server.no-socket
Type Boolean
Default true
Description

Disable ORB server sockets.

This is useful when no incoming requests are expected, so that the server socket would only pose a security risk.

The default is true, i.e. server sockets are disabled. This is appropriate for all client applications and must be set to false only for Content Server (CMS, MLS and RLS) and Workflow Servery applications.

com.coremedia.corba.server.port
Type Integer
Default -1
Description

The clear text port of the ORB.

com.coremedia.corba.server.single-ip
Type String
Description

Bind ORB sockets to this IP address.

Useful to keep control on multi-homed hosts.

com.coremedia.corba.server.ssl.enforce
Type Boolean
Default false
Description

Enforce SSL communication

By default, the ORB opens an SSL port additionally to the clear text port. With this flag you can suppress the clear text port and thus ensure that clients use SSL connections.

com.coremedia.corba.server.ssl.keystore
Type String
Description

The keystore for SSL encrypted communication

com.coremedia.corba.server.ssl.passphrase
Type String
Description

The passphrase for SSL encrypted communication

com.coremedia.corba.server.ssl.ssl-port
Type Integer
Default -1
Description

The port of the ORB for SSL encrypted communication.

The orb will open the SSL socket in addition to the clear text port. There is no way to disable this.

Table 3.8. CORBA Properties


Search Results

Table Of Contents
warning

Your Internet Explorer is no longer supported.

Please use Mozilla Firefox, Google Chrome, or Microsoft Edge.