今天同事在現場遇到這樣一個問題，堆棧如下：

?

[2012-05-10?15:26:52,798]?INFO??[main]?util.RMIClientSocketFactory?ClientSocketFactory.createSocket(10.154.2.23,?63828)?->?10.154.2.23 [2012-05-10?15:27:13,802]?ERROR?<root>?Failed?to?obtain?jmx?connection?to?service:jmx:rmi:///jndi/rmi://10.154.2.23:8999/jmxrmi,?cause:?Connection?refused?to?host:?10.154.2.23;?nested?exception?is:? java.net.ConnectException:?Connection?timed?out:?connect [2012-05-10?15:27:13,803]?ERROR?[main]?util.JmxUtil?Failed?to?obtain?jmx?connection?to?service:jmx:rmi:///jndi/rmi://10.154.2.23:8999/jmxrmi,?cause:?Connection?refused?to?host:?10.154.2.23;?nested?exception?is:? java.net.ConnectException:?Connection?timed?out:?connect [2012-05-10?15:27:13,803]?WARN??[main]?tomcat.TomcatMonitor55?Connection?refused?to?host:?10.154.2.23;?nested?exception?is:? java.net.ConnectException:?Connection?timed?out:?connect java.rmi.ConnectException:?Connection?refused?to?host:?10.154.2.23;?nested?exception?is:? java.net.ConnectException:?Connection?timed?out:?connect at?sun.rmi.transport.tcp.TCPEndpoint.newSocket(Unknown?Source) at?sun.rmi.transport.tcp.TCPChannel.createConnection(Unknown?Source) at?sun.rmi.transport.tcp.TCPChannel.newConnection(Unknown?Source) at?sun.rmi.server.UnicastRef.invoke(Unknown?Source) at?javax.management.remote.rmi.RMIServerImpl_Stub.newClient(Unknown?Source) at?javax.management.remote.rmi.RMIConnector.getConnection(Unknown?Source) at?javax.management.remote.rmi.RMIConnector.connect(Unknown?Source) at?javax.management.remote.JMXConnectorFactory.connect(Unknown?Source) Caused?by:?java.net.ConnectException:?Connection?timed?out:?connect at?java.net.DualStackPlainSocketImpl.connect0(Native?Method) at?java.net.DualStackPlainSocketImpl.socketConnect(Unknown?Source) at?java.net.AbstractPlainSocketImpl.doConnect(Unknown?Source) at?java.net.AbstractPlainSocketImpl.connectToAddress(Unknown?Source) at?java.net.AbstractPlainSocketImpl.connect(Unknown?Source) at?java.net.PlainSocketImpl.connect(Unknown?Source) at?java.net.SocksSocketImpl.connect(Unknown?Source) at?java.net.Socket.connect(Unknown?Source) at?java.net.Socket.connect(Unknown?Source) at?java.net.Socket.<init>(Unknown?Source) at?java.net.Socket.<init>(Unknown?Source) ...?12?more

?

去除了公司的代碼提示。

?

解決方案，必須參考tomcat官網和tomcat源碼以及Sun的JMX指南，這類問題，Sun提出解決方案了，Tomcat實現了，并且在其官網上有，這是我發的郵件，就不加工了：

?

這個問題很清晰，因為你是用RMI連接的,JMXRMI一共開放兩個端口，一個RMIRegistry端口，就是你界面配置的端口，另一個是RMI協議棧隨機選擇，這個端口如果不人工控制的話，操作

系統會隨機選擇的，你開啟防火墻當然不行了，因為還有一個端口需要開放。

?

這個問題解決方案也很簡單，必須人為選擇端口，這個Tomcat文檔上有，這個是從Tomcat官網上找到的：

JMX Remote Lifecycle Listener (org.apache.catalina.mbeans.JmxRemoteLifecycleListener)
This listener requires catalina-jmx-remote.jar to be placed in $CATALINA_HOME/lib. This jar may be found in the extras directory of the binary download area.

The JMX Remote Lifecycle Listener fixes the ports used by the JMX/RMI Server making things much simpler if you need to connect jconsole or a similar tool to a remote Tomcat instance that is running behind a firewall. Only these ports are configured via the listener. The remainder of the configuration is via the standard system properties for configuring JMX. If this listener was configured in server.xml as:

?

?<Listener className="org.apache.catalina.mbeans.JmxRemoteLifecycleListener"
????????? rmiRegistryPortPlatform="10001" rmiServerPortPlatform="10002" />
?

需要你根據現場的Tomcat版本手工下載一個 catalina-jmx-remote.jar 包，這個包里面就有這個Listener類，其中10002是你之前配置的8999，10001就是我們要新添加的端口，這個
必須也在防火墻里面配置。

上面的配置需要放在tomcat conf下的server.xml里面。

另外這個10002配置后，你的-Dcom.sun.management.jmxremote.port=8999 就不要添加了，去掉這句。

?

轉載于:https://www.cnblogs.com/diyunpeng/archive/2012/05/10/2494951.html

創作挑戰賽新人創作獎勵來咯，堅持創作打卡瓜分現金大獎

總結

以上是生活随笔為你收集整理的Tomcat Firewall JMX RMI的全部內容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網站內容還不錯，歡迎將生活随笔推薦給好友。