How to access JBoss AS over a network

One of the most frequent issues for newbies that are approaching JBoss or WildFly is how to access it over a network.

For security reasons, the application server is available, by default, only on the loopback address (localhost) so if you are trying to access it from another host, you will hit a Page not found error. There are two possible causes to this:

  • You have not configured the serverto use an IP Address/Host name
  • There is a firewall rule preventing the application server to be reachable

JBoss AS IP address not set

Let’s see the first case at first. By default as you start JBoss application server / WildFly without any parameter, the server uses as IP Address the loopback address that is 127.0.0.1. This is evident from the server’s logs:

12:53:09,593 INFO  [org.apache.coyote.http11] (MSC service thread 1-6) JBWEB003000: Coyote HTTP/1.1 starting on: http-/127.0.0.1:8080
12:53:10,161 INFO  [org.jboss.as] (Controller Boot Thread) JBAS015961: Http management interface listening on http://127.0.0.1:9990/management

You can set the IP Address to be used by the application server by using the jboss.bind.address.management and jboss.bind.address parameters at startup. For example:

$ ./standalone.sh -Djboss.bind.address.management=192.168.10.1 -Djboss.bind.address=192.168.10.1

Now you can check from the server logs or the netstat command that you are actually being using an IP Address for binding your public and management interfaces:

The netstat command can confirm, that ports 8080 and 9990 have been engaged by a process that is listening:

$ netstat -an | grep 8080
tcp        0      0 127.0.0.1:8080          0.0.0.0:*               LISTEN     

$ netstat -an | grep 9990
tcp        0      0 127.0.0.1:9990          0.0.0.0:*               LISTEN

If you want to apply this change at configuration level, then you can specify as fallback address, the IP Address that we will use for our server:

<interface name="management">
    <inet-address value="${jboss.bind.address.management:192.168.10.1}"/>
</interface>
<interface name="public">
    <inet-address value="${jboss.bind.address:192.168.10.1}"/>
</interface>

Another option which is available, is binding the application server to all the IP Addresses available on your Ethernet card. This can be achieved by using the 0.0.0.0 IP Address as shown:

<interface name="management">
    <inet-address value="${jboss.bind.address.management:0.0.0.0}"/>
</interface>
<interface name="public">
    <inet-address value="${jboss.bind.address:0.0.0.0}"/>
</interface>

IP Address blocked by firewall rules

The other possible cause, that prevent your application server to be reachable over the network, is that you have some firewall rules active.On a Linux system you can check if this is the issue by dropping your iptables temporarily for testing:

/etc/init.d/iptables stop

If this is the cause, you can make a permanent change to your iptables config by adding the following line to /etc/sysconfig/iptables

-A INPUT -m state --state NEW -m tcp -p tcp --dport 8080 -j ACCEPT

and restart them when you’ve finished with

 /etc/init.d/iptables start