Previous Page Next Page

Configuring the Server Service

Administrators can customize the service settings of JReport Server, such as the ports for accessing JReport Server, maximum connections and handlers, SSL connection and so on.

1. On the JReport Administration page, click Configuration on the system toolbar and select Service from the drop-down menu. The Configuration - Service page is displayed.

   

2. In the Port text box, input a port as the TCP port on which JReport Server listens. The port can be an integer between 1 and 65535. However, numbers less than 1024 are usually reserved by system, and so numbers larger than 1024 are preferred. JReport Server uses 8888 as the default port.
3. In the Dashboard Port text box, input a port for accessing JDashboard. The default JDashboard port is 8887.
4. In the Administration Port text box, input a port used for remote administration. If JReport Server is running as a standalone web server, the administrator can specify the port for client users to configure and administer the server remotely. This port is where the servlet for remote administration (jet.server.servlets.RcServlet) listens. The default administration port is 8889.
5. In the Maximum Number of Handlers text box, input the maximum number of connection handlers. A connection is set up between the server-side and a client-side when a request from the client-side reaches the server. The maximum number of requests that can be handled depends on the maximum number of handlers. When there is a limit on the maximum number of connection handlers, if there are no free connection handlers available, a request from the client-side will be blocked. In which case, the request will either be handled after a connection handler has been set free, or be refused when timeout occurs. A connection handler is set free after the server sends a response to a client request.
6. In the Maximum Number of Connections text box, input the maximum number of HTTP connections between the server-side and client-side. The maximum number of connections depends on the number of requests that can be handled. It should be larger than the maximum number of handlers. For example, if the maximum number of handlers is 10, and the maximum number of connections is 12, when the eleventh and twelfth requests come, they will be blocked until a handler has been set free. When the thirteenth request comes, it will be refused.
7. In the Connection Timeout in text box, input the maximum time in milliseconds for a request from a client-side to be blocked before being refused by the server. A request will be blocked if there are no free connection handlers in the server. However it cannot be blocked forever, and if there are still no free connection handlers after the time specified here (in milliseconds), then the request will be refused back to the client.
8. Check Enable Secure Socket Layer Connection if you want to use HTTPS schema to visit the JReport Server UI in the standalone mode, then specify the other settings as required. For more information click here.
9. The Servlet Properties File Name text box displays the full path of the property file of the servlet jet.server.servlet.JRServlet. Assuming that JReport Server has been installed to C:\JReport\Server, the servlet property file is C:\JReport\Server\bin\servlet.properties.
10. From the Active Realm drop-down list select the realm that will take effect when the server starts up. A realm is the context of JReport Server where the resources and authentication entities reside. There can be multiple realms in the server, but only one is active at runtime. Only the users and resources in the active realm are accessible. Realm names cannot contain the "/" or "\" character.
11. Specify whether JReport Server listens on all network addresses or just some by selecting the corresponding radio button:
    • All Network Addresses
      If selected, JReport Server listens on all network addresses, which means that all the hosts of the machine are active, and the client-end can connect with any of the hosts of this server.
    • Network Address At
      If selected, JReport Server listens on the specified hosts, and you can specify them by inputting the host names or IP addresses. If you want to specify all the host addresses to be active, input * into this field; if you want to specify more than one address to be active, you should separate them using a blank, for example, "leo 204.177.148.110".

    Note: The machine that JReport Server runs on can be multi-homed (for example, two interface cards have been installed on the machine), if there is more than one IP address. JReport Server opens the listening port at host name 'localhost' or at IP address '127.0.0.1' automatically.

    The Active Host Address box lists the current active hosts' addresses.

12. Click Save to apply the changes.
13. Restart JReport Server to make the settings take effect.

Enabling SSL in standalone JReport Server

JReport Server supports HTTPS requests in standalone mode. Secure ports for HTTPS requests should use different ports from non-secure ports for HTTP requests. By default, port 6888 and 6889 are set as the secure ports separately for accessing the JReport Console UI and JReport Administration UI. The URL for visiting JReport Server via HTTPS schema is like this:

https://IP_address or localhost:6888

SSL support is disabled by default. You need to enable it and configure corresponding settings in order to use HTTPS schema to visit JReport Server UI. This can be done either on the JReport Administration page or in the server.properties file located in the <install_root>\bin directory.

To enable the SSL feature via the JReport Administration page:

1. On the Configuration - Service page, check the Enable Secure Socket Layer Connection option.
2. In the Secure Port text box, input a port used for visiting JReport Console page via HTTPS schema. It should be different from the Port for HTTP schema.
3. In the Dashboard Secure Port text box, input a port used for visiting JDashboard via HTTPS schema. It should be different from the Dashboard Port for HTTP schema.
4. In the Secure Administration Port text box, input a port used for visiting JReport Administration page via HTTPS schema. It should be different from the Administration Port for HTTP schema.
5. In the Keystore File Path text box, input the location of your trusted keystore file.
6. In the Keystore Password text box, input the password used to protect the integrity of the keystore.
7. Select the type of keystore to be instantiated from the Keystore Type drop-down list. The valid values are JKS and PKCS12.
8. Select the encryption/decryption protocol to be used on the socket from the Keystore Protocol drop-down list. The valid values are SSL and TLS.
9. Select the X509 algorithm to use from the Keystore Algorithm drop-down list. This defaults to the Sun implementation (SunX509). For IBM JVMs you should use IbmX509.
10. Click Save on the page, then restart JReport Server in order for the settings to take effect.

To enable the SSL feature in the server.properties file:

1. Open the server.properties file located in the <install_root>\bin directory.
2. Set httpserver.ssl.enable to true.
3. Set the other properties starting with httpserver.ssl to meet your requirements.
4. Save the file, then restart JReport Server in order for the settings to take effect.

Multiple SSL certificate support

When accessing JReport Server by domain names via HTTPS, you can apply different SSL certificate for different domain name. A configuration file httpsCertificateMapping.xml is used for defining the mapping relationship between domains and certificate aliases. You should create the file manually and put it in the <install_root>\bin folder.

The following is a sample of the httpsCertificateMapping.xml file. It defines three groups of mapping relationship: www.a.com maps to certificate alias A, www.b.com maps to certificate alias B, and www.example.com and www.example.org map to certificate alias C.

<?xml version="1.0"  encoding="UTF-8" standalone="yes"?>
<httpsCertificateMapping>
  <certificateMapping>

    <description>www.a.com</description>

    <certificateAlias>A</certificateAlias>

    <domainPattern>www\.a\.com</domainPattern>

  </certificateMapping>

  <certificateMapping>

    <description>www.b.com</description>

    <certificateAlias>B</certificateAlias>

    <domainPattern>www\.b\.com</domainPattern>

  </certificateMapping>

  <certificateMapping>

    <description>www.example.com/www.example.org</description>

    <certificateAlias>C</certificateAlias>

    <domainPattern>www\.example\.(com|org)</domainPattern>

  </certificateMapping>
</httpsCertificateMapping>

Below are details about the elements in the file:

• httpsCertificateMapping: The root element.
• certificateMapping: Represents one mapping relationship between certificate alias and domain name.
• description: Optional. The description about the mapping.
• certificateAlias: The alias of the certificate defined in the keystore file.
• domainPattern: Represents a domain name pattern.

When an HTTPS request comes in, JReport Server first checks the domain name input in the browser. If the domain name matches domainPattern of a certificateMapping in httpsCertificateMapping.xml, the corresponding cerificateAlias will be used to get the certificate from the keystore, and then the certificate will be applied. If no matched domainPattern is found or no certificate is got, the first certificate in the keystore will be applied.

To apply different certificates to multiple domain names, take the following steps:

1. Make sure JReport Server is started by JDK 8 or a higher JDK version.
2. Enable SSL on JReport Server.
3. Generate a keystore file which contains multiple entities (each entity contains a certificate and has an alias). Then set the keystore file name as the value of the httpserver.ssl.keystore property in server.properties in <install_root>\bin.
4. Create the file httpsCertificateMapping.xml in the <install_root>\bin folder. In the file specify mapping relationship between domains and certificate aliases defined in the keystore file.
5. Restart JReport Server. Then when accessing JRepor Server using different domain name, the corresponding certificate will be applied.

Previous Page Next Page