Appendix A. Reference Material
A.1. Server Runtime Arguments
The application server startup script accepts arguments and switches at runtime. This allows the server to start under alternative configurations to those defined in the standalone.xml
, domain.xml
, and host.xml
configuration files.
Alternative configurations might include starting the server with an alternative socket bindings set or a secondary configuration.
The available parameters list can be accessed by passing the help switch -h
or --help
at startup.
Argument or Switch | Operating Mode | Description |
---|---|---|
--admin-only | Standalone |
Set the server’s running type to |
--admin-only | Domain |
Set the host controller’s running type to |
-b=<value>, -b <value> | Standalone, Domain |
Set system property |
-b<interface>=<value> | Standalone, Domain |
Set system property |
--backup | Domain | Keep a copy of the persistent domain configuration even if this host is not the domain controller. |
-c=<config>, -c <config> | Standalone |
Name of the server configuration file to use. The default is |
-c=<config>, -c <config> | Domain |
Name of the server configuration file to use. The default is |
--cached-dc | Domain | If the host is not the domain controller and cannot contact the domain controller at boot, boot using a locally cached copy of the domain configuration. |
--debug [<port>] | Standalone | Activate debug mode with an optional argument to specify the port. Only works if the launch script supports it. |
-D<name>[=<value>] | Standalone, Domain | Set a system property. |
--domain-config=<config> | Domain |
Name of the server configuration file to use. The default is |
-h, --help | Standalone, Domain | Display the help message and exit. |
--host-config=<config> | Domain |
Name of the host configuration file to use. The default is |
--interprocess-hc-address=<address> | Domain | Address on which the host controller should listen for communication from the process controller. |
--interprocess-hc-port=<port> | Domain | Port on which the host controller should listen for communication from the process controller. |
--master-address=<address> | Domain |
Set system property |
--master-port=<port> | Domain |
Set system property |
--read-only-server-config=<config> | Standalone |
Name of the server configuration file to use. This differs from |
--read-only-domain-config=<config> | Domain |
Name of the domain configuration file to use. This differs from |
--read-only-host-config=<config> | Domain |
Name of the host configuration file to use. This differs from |
-P=<url>, -P <url>, --properties=<url> | Standalone, Domain | Load system properties from the given URL. |
--pc-address=<address> | Domain | Address on which the process controller listens for communication from processes it controls. |
--pc-port=<port> | Domain | Port on which the process controller listens for communication from processes it controls. |
-S<name>[=<value>] | Standalone | Set a security property. |
-secmgr | Standalone, Domain | Runs the server with a security manager installed. |
--server-config=<config> | Standalone |
Name of the server configuration file to use. The default is |
--start-mode=<mode> | Standalone |
Set the start mode of the server. This option cannot be used in conjunction with
|
-u=<value>, -u <value> | Standalone, Domain |
Set system property |
-v, -V, --version | Standalone, Domain | Display the application server version and exit. |
The configuration files that ship with JBoss EAP are set up to handle the behavior of the switches, for example, -b
and -u
. If you change your configuration files to no longer use the system property controlled by the switch, then adding it to the launch command will have no effect.
A.2. Add-User Utility Arguments
The following table describes the arguments available for the add-user.sh
or add-user.bat
script, which is a utility for adding new users to the properties file for out-of-the-box authentication.
Command Line Argument | Description |
---|---|
-a | Create a user in the application realm. If omitted, the default is to create a user in the management realm. |
-dc <value> |
The domain configuration directory that will contain the properties files. If it is omitted, the default directory is |
-sc <value> |
An alternative standalone server configuration directory that will contain the properties files. If omitted, the default directory is |
-up, --user-properties <value> |
The name of the alternative user properties file. It can be an absolute path or it can be a file name used in conjunction with the |
-g, --group <value> | A comma-separated list of groups to assign to this user. |
-gp, --group-properties <value> |
The name of the alternative group properties file. It can be an absolute path or it can be a file name used in conjunction with the |
-p, --password <value> | The password of the user. |
-u, --user <value> | The name of the user. User names can only contain the following characters, in any number and in any order:
|
-r, --realm <value> |
The name of the realm used to secure the management interfaces. If omitted, the default is |
-s, --silent |
Run the |
-e, --enable | Enable the user. |
-d, --disable | Disable the user. |
-cw, --confirm-warning | Automatically confirm warning in interactive mode. |
-h, --help |
Display usage information for the |
-ds, --display-secret | Print the secret value in non-interactive mode. |
A.3. Interface Attributes
Attribute names in this table are listed as they appear in the management model, for example, when using the management CLI. See the schema definition file located at EAP_HOME/docs/schema/wildfly-config_5_0.xsd
to view the elements as they appear in the XML, as there may be differences from the management model.
Interface Element | Description |
---|---|
any | Element indicating that part of the selection criteria for an interface should be that it meets at least one, but not necessarily all, of the nested set of criteria. |
any-address |
Empty element indicating that sockets using this interface should be bound to a wildcard address. The IPv6 wildcard address ( |
inet-address | Either an IP address in IPv6 or IPv4 dotted decimal notation, or a host name that can be resolved to an IP address. |
link-local-address | Empty element indicating that part of the selection criteria for an interface should be whether or not an address associated with it is link-local. |
loopback | Empty element indicating that part of the selection criteria for an interface should be whether or not it is a loopback interface. |
loopback-address | A loopback address that may not actually be configured on the machine’s loopback interface. Differs from inet-address type in that the given value will be used even if no NIC can be found that has the IP address associated with it. |
multicast | Empty element indicating that part of the selection criteria for an interface should be whether or not it supports multicast. |
name | The name of the interface. |
nic | The name of a network interface (e.g. eth0, eth1, lo). |
nic-match | A regular expression against which the names of the network interfaces available on the machine can be matched to find an acceptable interface. |
not | Element indicating that part of the selection criteria for an interface should be that it does not meet any of the nested set of criteria. |
point-to-point | Empty element indicating that part of the selection criteria for an interface should be whether or not it is a point-to-point interface. |
public-address | Empty element indicating that part of the selection criteria for an interface should be whether or not it has a publicly routable address. |
site-local-address | Empty element indicating that part of the selection criteria for an interface should be whether or not an address associated with it is site-local. |
subnet-match |
A network IP address and the number of bits in the address' network prefix, written in slash notation, for example, |
up | Empty element indicating that part of the selection criteria for an interface should be whether or not it is currently up. |
virtual | Empty element indicating that part of the selection criteria for an interface should be whether or not it is a virtual interface. |
A.4. Socket Binding Attributes
Attribute names in these tables are listed as they appear in the management model, for example, when using the management CLI. See the schema definition file located at EAP_HOME/docs/schema/wildfly-config_5_0.xsd
to view the elements as they appear in the XML, as there may be differences from the management model.
The following tables show the attributes that can be configured for each of the three types of socket bindings.
Attribute | Description |
---|---|
client-mappings | Specifies the client mappings for this socket binding. A client connecting to this socket should use the destination address specified in the mapping that matches its desired outbound interface. This allows for advanced network topologies that use either network address translation, or have bindings on multiple network interfaces to function. Each mapping should be evaluated in declared order, with the first successful match used to determine the destination. |
fixed-port | Whether the port value should remain fixed even if numeric offsets are applied to the other sockets in the socket group. |
interface |
Name of the interface to which the socket should be bound, or, for multicast sockets, the interface on which it should listen. This should be one of the declared interfaces. If not defined, the value of the |
multicast-address | Multicast address on which the socket should receive multicast traffic. If unspecified, the socket will not be configured to receive multicast. |
multicast-port |
Port on which the socket should receive multicast traffic. Must be configured if |
name | The name of the socket. Services needing to access the socket configuration information will find it using this name. This attribute is required. |
port | Number of the port to which the socket should be bound. Note that this value can be overridden if servers apply a port-offset to increment or decrement all port values. |
Attribute | Description |
---|---|
fixed-source-port | Whether the port value should remain fixed even if numeric offsets are applied to the other outbound sockets in the socket group. |
host | The host name or IP address of the remote destination to which this outbound socket will connect. |
port | The port number of the remote destination to which the outbound socket should connect. |
source-interface | The name of the interface that will be used for the source address of the outbound socket. |
source-port | The port number that will be used as the source port of the outbound socket. |
Attribute | Description |
---|---|
fixed-source-port | Whether the port value should remain fixed even if numeric offsets are applied to the other outbound sockets in the socket group. |
socket-binding-ref | The name of the local socket binding that will be used to determine the port to which this outbound socket connects. |
source-interface | The name of the interface that will be used for the source address of the outbound socket. |
source-port | The port number that will be used as the source port of the outbound socket. |
A.5. Default Socket Bindings
The following tables show the default socket bindings for each socket binding group.
Socket Binding | Port | Description |
---|---|---|
ajp | 8009 | Apache JServ Protocol. Used for HTTP clustering and load balancing. |
http | 8080 | The default port for deployed web applications. |
https | 8443 | SSL-encrypted connection between deployed web applications and clients. |
management-http | 9990 | Used for HTTP communication with the management layer. |
management-https | 9993 | Used for HTTPS communication with the management layer. |
txn-recovery-environment | 4712 | The JTA transaction recovery manager. |
txn-status-manager | 4713 | The JTA / JTS transaction manager. |
Socket Binding | Port | Multicast Port | Description |
---|---|---|---|
ajp | 8009 | Apache JServ Protocol. Used for HTTP clustering and load balancing. | |
http | 8080 | The default port for deployed web applications. | |
https | 8443 | SSL-encrypted connection between deployed web applications and clients. | |
jgroups-mping | 45700 | Multicast. Used to discover initial membership in a HA cluster. | |
jgroups-tcp | 7600 | Unicast peer discovery in HA clusters using TCP. | |
jgroups-udp | 55200 | 45688 | Multicast peer discovery in HA clusters using UDP. |
management-http | 9990 | Used for HTTP communication with the management layer. | |
management-https | 9993 | Used for HTTPS communication with the management layer. | |
modcluster | 23364 | Multicast port for communication between JBoss EAP and the HTTP load balancer. | |
txn-recovery-environment | 4712 | The JTA transaction recovery manager. | |
txn-status-manager | 4713 | The JTA / JTS transaction manager. |
Socket Binding | Port | Description |
---|---|---|
ajp | 8009 | Apache JServ Protocol. Used for HTTP clustering and load balancing. |
http | 8080 | The default port for deployed web applications. |
https | 8443 | SSL-encrypted connection between deployed web applications and clients. |
iiop | 3528 | CORBA services for JTS transactions and other ORB-dependent services. |
iiop-ssl | 3529 | SSL-encrypted CORBA services. |
management-http | 9990 | Used for HTTP communication with the management layer. |
management-https | 9993 | Used for HTTPS communication with the management layer. |
txn-recovery-environment | 4712 | The JTA transaction recovery manager. |
txn-status-manager | 4713 | The JTA / JTS transaction manager. |
Name | Port | Multicast Port | Description |
---|---|---|---|
ajp | 8009 | Apache JServ Protocol. Used for HTTP clustering and load balancing. | |
http | 8080 | The default port for deployed web applications. | |
https | 8443 | SSL-encrypted connection between deployed web applications and clients. | |
iiop | 3528 | CORBA services for JTS transactions and other ORB-dependent services. | |
iiop-ssl | 3529 | SSL-encrypted CORBA services. | |
jgroups-mping | 45700 | Multicast. Used to discover initial membership in a HA cluster. | |
jgroups-tcp | 7600 | Unicast peer discovery in HA clusters using TCP. | |
jgroups-udp | 55200 | 45688 | Multicast peer discovery in HA clusters using UDP. |
management-http | 9990 | Used for HTTP communication with the management layer. | |
management-https | 9993 | Used for HTTPS communication with the management layer. | |
modcluster | 23364 | Multicast port for communication between JBoss EAP and the HTTP load balancer. | |
txn-recovery-environment | 4712 | The JTA transaction recovery manager. | |
txn-status-manager | 4713 | The JTA / JTS transaction manager. |
Name | Port | Multicast Port | Description |
---|---|---|---|
http | 8080 | The default port for deployed web applications. | |
https | 8443 | SSL-encrypted connection between deployed web applications and clients. | |
management-http | 9990 | Used for HTTP communication with the management layer. | |
management-https | 9993 | Used for HTTPS communication with the management layer. | |
mcmp-management | 8090 | The port for the Mod-Cluster Management Protocol (MCMP) connection to transmit lifecycle events. | |
modcluster | 23364 | Multicast port for communication between JBoss EAP and the HTTP load balancer. |
Revised on 2018-10-11 12:31:45 UTC