keycloak-scim/topics/network/ports.adoc

[[_ports]]

=== Socket Port Bindings

The ports for each socket also have a pre-defined default that can be overriden at the command line or within configuration.
To illustrate this configuration, let's pretend you are running in <<fake/../../operating-mode/standalone.adoc#_standalone-mode,standalone mode>> and
open up the _.../standalone/configuration/standalone.xml_.  Search for +socket-binding-group+.

[source,xml]
----
    <socket-binding-group name="standard-sockets" default-interface="public" port-offset="${jboss.socket.binding.port-offset:0}">
        <socket-binding name="management-http" interface="management" port="${jboss.management.http.port:9990}"/>
        <socket-binding name="management-https" interface="management" port="${jboss.management.https.port:9993}"/>
        <socket-binding name="ajp" port="${jboss.ajp.port:8009}"/>
        <socket-binding name="http" port="${jboss.http.port:8080}"/>
        <socket-binding name="https" port="${jboss.https.port:8443}"/>
        <socket-binding name="txn-recovery-environment" port="4712"/>
        <socket-binding name="txn-status-manager" port="4713"/>
        <outbound-socket-binding name="mail-smtp">
            <remote-destination host="localhost" port="25"/>
        </outbound-socket-binding>
    </socket-binding-group>
----

+socket-bindings+ define actual socket connections that will be open by the server that covers both the +interface+ (bind address)
that will be used as wel as the port.   The ones you will be most interested in are

http::
   Defines the port used by {{book.project.name}} HTTP connections
https::
   Defines the port used by {{book.project.name}} HTTPS connections
ajp::
   The Apache HTTPD server is often used with _mod-cluster_ as a load balancer.  AJP is the protocol that is used.
   This socket binding defines the port used for the AJP protocol.
management-http::
   Defines the HTTP connection used by {{book.appserer.name}} CLI and web console.

When running in <<fake/../../operating-mode/domain.adoc#_domain-mode,domain mode>> locking the socket configurations
is a bit trickier as the example _domain.xml_ file has multiple +socket-binding-groups+ defined.  If you scroll down
to the +server-group+ definitions you can see what +socket-binding-group+ is used for each +server-group+.

.domain socket bindings
[source,xml]
----
    <server-groups>
        <server-group name="load-balancer-group" profile="load-balancer">
            ...
            <socket-binding-group ref="load-balancer-sockets"/>
        </server-group>
        <server-group name="auth-server-group" profile="auth-server-clustered">
            ...
            <socket-binding-group ref="ha-sockets"/>
        </server-group>
    </server-groups>
----

NOTE:  There's a lot more nifty options when setting up +socket-binding-group+ definitions.  See the link:{{book.appserver.socket.link}}[the socket binding group]
       chapter of the {{book.appserver.socket.name}}.
clustering 2016-04-28 22:25:54 +00:00			`[[_ports]]`

network 2016-04-28 20:34:44 +00:00			`=== Socket Port Bindings`

			`The ports for each socket also have a pre-defined default that can be overriden at the command line or within configuration.`
			`To illustrate this configuration, let's pretend you are running in <<fake/../../operating-mode/standalone.adoc#_standalone-mode,standalone mode>> and`
			`open up the _.../standalone/configuration/standalone.xml_. Search for +socket-binding-group+.`

			`[source,xml]`
			`----`
			`<socket-binding-group name="standard-sockets" default-interface="public" port-offset="${jboss.socket.binding.port-offset:0}">`
			`<socket-binding name="management-http" interface="management" port="${jboss.management.http.port:9990}"/>`
			`<socket-binding name="management-https" interface="management" port="${jboss.management.https.port:9993}"/>`
			`<socket-binding name="ajp" port="${jboss.ajp.port:8009}"/>`
			`<socket-binding name="http" port="${jboss.http.port:8080}"/>`
			`<socket-binding name="https" port="${jboss.https.port:8443}"/>`
			`<socket-binding name="txn-recovery-environment" port="4712"/>`
			`<socket-binding name="txn-status-manager" port="4713"/>`
			`<outbound-socket-binding name="mail-smtp">`
			`<remote-destination host="localhost" port="25"/>`
			`</outbound-socket-binding>`
			`</socket-binding-group>`
			`----`

			`+socket-bindings+ define actual socket connections that will be open by the server that covers both the +interface+ (bind address)`
			`that will be used as wel as the port. The ones you will be most interested in are`

			`http::`
			`Defines the port used by {{book.project.name}} HTTP connections`
			`https::`
			`Defines the port used by {{book.project.name}} HTTPS connections`
			`ajp::`
			`The Apache HTTPD server is often used with _mod-cluster_ as a load balancer. AJP is the protocol that is used.`
			`This socket binding defines the port used for the AJP protocol.`
			`management-http::`
			`Defines the HTTP connection used by {{book.appserer.name}} CLI and web console.`

			`When running in <<fake/../../operating-mode/domain.adoc#_domain-mode,domain mode>> locking the socket configurations`
			`is a bit trickier as the example _domain.xml_ file has multiple +socket-binding-groups+ defined. If you scroll down`
			`to the +server-group+ definitions you can see what +socket-binding-group+ is used for each +server-group+.`

			`.domain socket bindings`
			`[source,xml]`
			`----`
			`<server-groups>`
			`<server-group name="load-balancer-group" profile="load-balancer">`
			`...`
			`<socket-binding-group ref="load-balancer-sockets"/>`
			`</server-group>`
			`<server-group name="auth-server-group" profile="auth-server-clustered">`
			`...`
			`<socket-binding-group ref="ha-sockets"/>`
			`</server-group>`
			`</server-groups>`
			`----`

			`NOTE: There's a lot more nifty options when setting up +socket-binding-group+ definitions. See the link:{{book.appserver.socket.link}}[the socket binding group]`
			`chapter of the {{book.appserver.socket.name}}.`