简体繁体 English

Tomcat 7拒绝连接

[英]Connection refused with Tomcat 7

原文 2013-05-18 23:38:56 9 2 java/ tomcat/ tomcat7/ jelastic

I have a Tomcat instance running on Jelastic and there are two deployed apps - for '/foo' context and for '/bar' context. 我在Jelastic上运行了一个Tomcat实例，并且有两个部署的应用程序 - 用于'/ foo'上下文和'/ bar'上下文。

During handling request to '/foo' we do a HTTP request to '/bar' (for authorization) and there is always an exception here - ConnectException: ConnectionRefused. 在处理对'/ foo'的请求期间，我们对'/ bar'进行HTTP请求（用于授权），并且此处始终存在异常 - ConnectException：ConnectionRefused。

If I connect to '/bar' through browser or from code running on my local PC everything works perfectly. 如果我通过浏览器或在我的本地PC上运行的代码连接到'/ bar'，一切都很完美。 Also if I connect from server (during handling a request to '/foo') to a host located in the different place everything is also work as expected. 此外，如果我从服务器（在处理请求到'/ foo'期间）连接到位于不同位置的主机，一切都按预期工作。 It looks like that the Tomcat somehow filter incoming connections from the same host. 看起来Tomcat以某种方式过滤来自同一主机的传入连接。 Does anybody know what to do with that? 有人知道该怎么办吗？

2 个解决方案

A "connection refused" message means that something was unable to open a network connection at the transport level. “连接被拒绝”消息表示某些内容无法在传输级别打开网络连接。 This most likely means that the service you are trying to talk to is not listening for new connections on the specific IP and port number that were used in the connection attempt. 这很可能意味着您尝试与之通信的服务未在侦听连接尝试中使用的特定IP和端口号上的新连接。

Check: 校验：

That the request that is being refused is using the correct IP and port number. 被拒绝的请求使用正确的IP和端口号。
That your tomcat service is properly configured to listen on that IP and port. 您的tomcat服务已正确配置为侦听该IP和端口。

Bear in mind that your system may have multiple IP addresses, and you need to listen on each one that you wish to use. 请记住，您的系统可能有多个IP地址，您需要收听您希望使用的每个IP地址。 Also bear in mind that "local host" is typically a different IP address. 还要记住，“本地主机”通常是不同的IP地址。

Then if neither of the above is the problem: 如果以上都不是问题：

If there is a possibility of network level or local firewalling blocking the traffic, check that. 如果网络级别或本地防火墙可能阻塞流量，请检查。
If the possibility of "strangeness" due to complicated virtual networking, check that. 如果由于复杂的虚拟网络导致“陌生”的可能性，请检查。

It looks like that the Tomcat somehow filter incoming connections from the same host. 看起来Tomcat以某种方式过滤来自同一主机的传入连接。

Tomcat doesn't "filter" like that. Tomcat不像那样“过滤”。 But it is quite possible that you haven't configured tomcat to listen for the requests. 但是很有可能你没有配置tomcat来监听请求。 Check the "server.xml" file to see if you have configured that correctly. 检查“server.xml”文件以查看是否已正确配置。

FWIW - I don't think this is the Tomcat7 CSRF filter. FWIW - 我不认为这是Tomcat7 CSRF过滤器。 According to the documentation, that would return a HTTP response. 根据文档，这将返回HTTP响应。 In fact, I can't see how anything inside the receiving Tomcat could generate a "connection refused" state by any means other than not listening for connections in the first place. 事实上，我无法看到接收Tomcat中的任何内容如何通过除了不首先监听连接之外的任何方式产生“连接被拒绝”状态。

Connection refused definitely means network issue. 连接拒绝绝对意味着网络问题。 One of the potential reason is that your application tries to establish connection using http header "host" value etc. and in general header "host" value does not contain 8080 port inside string -BUT- tomcat at Jelastic is running on port 8080, so you can either try connect to your second application forcibly specifying port 8080 or contact your support and ask them to set iptables rule that would redirect all requests (inside your tomcat container) from 80 to 8080 port. 其中一个潜在的原因是您的应用程序尝试使用http标头“host”值等建立连接，并且通常标题“host”值不包含8080端口字符串-BUT- tomcat在Jelastic正在端口8080上运行，所以您可以尝试连接到您的第二个应用程序强制指定端口8080或联系您的支持并要求他们设置iptables规则，将所有请求（在您的tomcat容器内）从80重定向到8080端口。