Secure Admin must be enabled to access the DAS remotely - Acess Glassfish Admin Console with Docker

问题

I try to deploy my web app on glassfish which is on a docker container. When I access to the Admin Console ( [IP]:4848 ), I can access to login page but there is this error message and I can't login:

Secure Admin must be enabled to access the DAS remotely.

So I find on other post that I need to add these line in bin folder:

./asadmin start-domain
./asadmin change-admin-password
./asadmin enable-secure-admin
./asadmin stop-domain
./asadmin start-domain

But I can't do it because my glassfish instance is on a container.

For information, I run glassfish with:

sudo docker run -p 4848:4848 -p 8080:8080 -e GLASSFISH_PASS="password" -d glassfish

回答1:

There are a couple of ways to do this, but the best way is probably to copy the method used in the Payara Server dockerfile. (Payara Server is derived from GlassFish and therefore the dockerfile is compatible with GlassFish too)

To summarise, this method creates 2 files: a tmpfile which contains the default (empty) password and the desired new password, and a pwdfile which contains just the newly changed file.

If the contents of the tmpfile are:

AS_ADMIN_PASSWORD=
AS_ADMIN_NEWPASSWORD=MyNewPassword

Then the contents of pwdfile should be:

AS_ADMIN_PASSWORD=MyNewPassword

to change the password using asadmin, the first file must be used with the change-admin-password command, and the second with all future commands.

In docker terms, this looks like this (taken directly from the dockerfile linked above):

ENV PAYARA_PATH /opt/payara41
ENV ADMIN_USER admin
ENV ADMIN_PASSWORD admin

# set credentials to admin/admin 

RUN echo 'AS_ADMIN_PASSWORD=\n\
AS_ADMIN_NEWPASSWORD='$ADMIN_PASSWORD'\n\
EOF\n'\
>> /opt/tmpfile

RUN echo 'AS_ADMIN_PASSWORD='$ADMIN_PASSWORD'\n\
EOF\n'\
>> /opt/pwdfile

RUN \
 $PAYARA_PATH/bin/asadmin start-domain && \
 $PAYARA_PATH/bin/asadmin --user $ADMIN_USER --passwordfile=/opt/tmpfile change-admin-password && \
 $PAYARA_PATH/bin/asadmin --user $ADMIN_USER --passwordfile=/opt/pwdfile enable-secure-admin && \
 $PAYARA_PATH/bin/asadmin restart-domain

# cleanup
RUN rm /opt/tmpfile

来源：https://stackoverflow.com/questions/42773521/secure-admin-must-be-enabled-to-access-the-das-remotely-acess-glassfish-admin