权限被拒绝使用JBoss部署到Openshift后出错
我们有一个应用程序需要使用SSL连接与某些政府Web服务进行通信。
当在开发环境(本地)上运行时,它运行得很好,但是当我们部署到OpenShift时,尝试运行相同的任务,问题出现并显示一个很大的错误StackTrace,我们可以说这个问题来自OpenShift:
10:00:29,286 WARN [org.apache.axiom.util.stax.dialect.StAXDialectDetector] (http--127.2.25.1-8080-6) Unable to determine dialect of the StAX implementation at jar:file:/opt/jboss-as-7.1.1.Final/jboss-modules.jar!/ 10:00:33,146 INFO [org.apache.commons.httpclient.HttpMethodDirector] (http--127.2.25.1-8080-6) I/O exception (java.net.BindException) caught when processing request: Permission denied 10:00:33,148 INFO [org.apache.commons.httpclient.HttpMethodDirector] (http--127.2.25.1-8080-6) Retrying request 10:00:33,214 INFO [org.apache.commons.httpclient.HttpMethodDirector] (http--127.2.25.1-8080-6) I/O exception (java.net.BindException) caught when processing request: Permission denied 10:00:33,216 INFO [org.apache.commons.httpclient.HttpMethodDirector] (http--127.2.25.1-8080-6) Retrying request 10:00:33,219 INFO [org.apache.commons.httpclient.HttpMethodDirector] (http--127.2.25.1-8080-6) I/O exception (java.net.BindException) caught when processing request: Permission denied 10:00:33,220 INFO [org.apache.commons.httpclient.HttpMethodDirector] (http--127.2.25.1-8080-6) Retrying request 10:00:33,223 INFO [org.apache.axis2.transport.http.HTTPSender] (http--127.2.25.1-8080-6) Unable to sendViaPost to url[https://homologacao.nfe.fazenda.sp.gov.br/cteWEB/services/cteRecepcao.asmx]: java.net.BindException: Permission denied at java.net.PlainSocketImpl.socketBind(Native Method) [rt.jar:1.7.0_55] at java.net.AbstractPlainSocketImpl.bind(AbstractPlainSocketImpl.java:376) [rt.jar:1.7.0_55] at java.net.Socket.bind(Socket.java:631) [rt.jar:1.7.0_55] at sun.security.ssl.BaseSSLSocketImpl.bind(BaseSSLSocketImpl.java:114) [jsse.jar:1.7.0_55] at sun.security.ssl.SSLSocketImpl.bind(SSLSocketImpl.java:65) [jsse.jar:1.7.0_55] at br.com.ps.transp.util.cte.HSProtocolSocketFactory.createSocket(HSProtocolSocketFactory.java:91) [classes:] at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) [commons-httpclient-3.1.jar:] at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) [commons-httpclient-3.1.jar:] at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:387) [commons-httpclient-3.1.jar:] at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171) [commons-httpclient-3.1.jar:] at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) [commons-httpclient-3.1.jar:] at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:346) [commons-httpclient-3.1.jar:] at org.apache.axis2.transport.http.AbstractHTTPSender.executeMethod(AbstractHTTPSender.java:560) [axis2-transport-http-1.5.3.jar:] at org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPSender.java:199) [axis2-transport-http-1.5.3.jar:] at org.apache.axis2.transport.http.HTTPSender.send(HTTPSender.java:76) [axis2-transport-http-1.5.3.jar:] at org.apache.axis2.transport.http.CommonsHTTPTransportSender.writeMessageWithCommons(CommonsHTTPTransportSender.java:400) [axis2-transport-http-1.5.3.jar:] at org.apache.axis2.transport.http.CommonsHTTPTransportSender.invoke(CommonsHTTPTransportSender.java:225) [axis2-transport-http-1.5.3.jar:] at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:438) [axis2-kernel-1.5.3.jar:1.5.3] at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:402) [axis2-kernel-1.5.3.jar:1.5.3] at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229) [axis2-kernel-1.5.3.jar:1.5.3] at org.apache.axis2.client.OperationClient.execute(OperationClient.java:165) [axis2-kernel-1.5.3.jar:1.5.3] at br.inf.portalfiscal.www.cte.wsdl.cterecepcao.CteRecepcaoStub.cteRecepcaoLote(CteRecepcaoStub.java:196) [classes:] at br.com.ps.transp.util.cte.Transmissor.enviarCte(Transmissor.java:119) [classes:] at br.com.ps.transp.mb.ConhecimentoMB.transmitirCte(ConhecimentoMB.java:913) [classes:] at br.com.ps.transp.mb.ConhecimentoMB$Proxy$_$$_WeldClientProxy.transmitirCte(ConhecimentoMB$Proxy$_$$_WeldClientProxy.java) [classes:] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.7.0_55] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) [rt.jar:1.7.0_55] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) [rt.jar:1.7.0_55] at java.lang.reflect.Method.invoke(Method.java:606) [rt.jar:1.7.0_55] at org.apache.el.parser.AstValue.invoke(AstValue.java:262) [jbossweb-7.0.13.Final.jar:] at org.apache.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:278) [jbossweb-7.0.13.Final.jar:] at org.jboss.weld.util.el.ForwardingMethodExpression.invoke(ForwardingMethodExpression.java:39) [weld-core-1.1.5.AS71.Final.jar:2012-02-10 15:31] at org.jboss.weld.el.WeldMethodExpression.invoke(WeldMethodExpression.java:50) [weld-core-1.1.5.AS71.Final.jar:2012-02-10 15:31] at javax.faces.event.MethodExpressionActionListener.processAction(MethodExpressionActionListener.java:153) [jboss-jsf-api_2.1_spec-2.0.1.Final.jar:2.0.1.Final] at javax.faces.event.ActionEvent.processListener(ActionEvent.java:88) [jboss-jsf-api_2.1_spec-2.0.1.Final.jar:2.0.1.Final] at javax.faces.component.UIComponentBase.broadcast(UIComponentBase.java:769) [jboss-jsf-api_2.1_spec-2.0.1.Final.jar:2.0.1.Final] at javax.faces.component.UICommand.broadcast(UICommand.java:300) [jboss-jsf-api_2.1_spec-2.0.1.Final.jar:2.0.1.Final] at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:794) [jboss-jsf-api_2.1_spec-2.0.1.Final.jar:2.0.1.Final] at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:1259) [jboss-jsf-api_2.1_spec-2.0.1.Final.jar:2.0.1.Final] at com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:81) [jsf-impl-2.1.7-jbossorg-2.jar:] at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:101) [jsf-impl-2.1.7-jbossorg-2.jar:] at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:118) [jsf-impl-2.1.7-jbossorg-2.jar:] at javax.faces.webapp.FacesServlet.service(FacesServlet.java:593) [jboss-jsf-api_2.1_spec-2.0.1.Final.jar:2.0.1.Final] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:329) [jbossweb-7.0.13.Final.jar:] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248) [jbossweb-7.0.13.Final.jar:] at org.primefaces.webapp.filter.FileUploadFilter.doFilter(FileUploadFilter.java:98) [primefaces-5.0.jar:5.0] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:280) [jbossweb-7.0.13.Final.jar:] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248) [jbossweb-7.0.13.Final.jar:] at org.jboss.weld.servlet.ConversationPropagationFilter.doFilter(ConversationPropagationFilter.java:62) [weld-core-1.1.5.AS71.Final.jar:2012-02-10 15:31] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:280) [jbossweb-7.0.13.Final.jar:] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248) [jbossweb-7.0.13.Final.jar:] at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330) [spring-security-web-3.2.3.RELEASE.jar:3.2.3.RELEASE] at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:118) [spring-security-web-3.2.3.RELEASE.jar:3.2.3.RELEASE] at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:84) [spring-security-web-3.2.3.RELEASE.jar:3.2.3.RELEASE] at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) [spring-security-web-3.2.3.RELEASE.jar:3.2.3.RELEASE] at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:113) [spring-security-web-3.2.3.RELEASE.jar:3.2.3.RELEASE] at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) [spring-security-web-3.2.3.RELEASE.jar:3.2.3.RELEASE] at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:103) [spring-security-web-3.2.3.RELEASE.jar:3.2.3.RELEASE] at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) [spring-security-web-3.2.3.RELEASE.jar:3.2.3.RELEASE] at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:113) [spring-security-web-3.2.3.RELEASE.jar:3.2.3.RELEASE] at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) [spring-security-web-3.2.3.RELEASE.jar:3.2.3.RELEASE] at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:154) [spring-security-web-3.2.3.RELEASE.jar:3.2.3.RELEASE] at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) [spring-security-web-3.2.3.RELEASE.jar:3.2.3.RELEASE] at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:45) [spring-security-web-3.2.3.RELEASE.jar:3.2.3.RELEASE] at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) [spring-security-web-3.2.3.RELEASE.jar:3.2.3.RELEASE] at org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilter(BasicAuthenticationFilter.java:150) [spring-security-web-3.2.3.RELEASE.jar:3.2.3.RELEASE] at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) [spring-security-web-3.2.3.RELEASE.jar:3.2.3.RELEASE] at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:199) [spring-security-web-3.2.3.RELEASE.jar:3.2.3.RELEASE] at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) [spring-security-web-3.2.3.RELEASE.jar:3.2.3.RELEASE] at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:110) [spring-security-web-3.2.3.RELEASE.jar:3.2.3.RELEASE] at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) [spring-security-web-3.2.3.RELEASE.jar:3.2.3.RELEASE] at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:50) [spring-security-web-3.2.3.RELEASE.jar:3.2.3.RELEASE] at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) [spring-web-3.2.8.RELEASE.jar:3.2.8.RELEASE] at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) [spring-security-web-3.2.3.RELEASE.jar:3.2.3.RELEASE] at org.springframework.security.web.session.ConcurrentSessionFilter.doFilter(ConcurrentSessionFilter.java:125) [spring-security-web-3.2.3.RELEASE.jar:3.2.3.RELEASE] at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) [spring-security-web-3.2.3.RELEASE.jar:3.2.3.RELEASE] at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87) [spring-security-web-3.2.3.RELEASE.jar:3.2.3.RELEASE] at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) [spring-security-web-3.2.3.RELEASE.jar:3.2.3.RELEASE] at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:192) [spring-security-web-3.2.3.RELEASE.jar:3.2.3.RELEASE] at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:160) [spring-security-web-3.2.3.RELEASE.jar:3.2.3.RELEASE] at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:343) [spring-web-3.2.8.RELEASE.jar:3.2.8.RELEASE] at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:260) [spring-web-3.2.8.RELEASE.jar:3.2.8.RELEASE] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:280) [jbossweb-7.0.13.Final.jar:] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248) [jbossweb-7.0.13.Final.jar:] at org.apache.logging.log4j.core.web.Log4jServletFilter.doFilter(Log4jServletFilter.java:66) [log4j-core-2.0-rc1.jar:2.0-rc1] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:280) [jbossweb-7.0.13.Final.jar:] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248) [jbossweb-7.0.13.Final.jar:] at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:275) [jbossweb-7.0.13.Final.jar:] at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:161) [jbossweb-7.0.13.Final.jar:] at org.jboss.as.jpa.interceptor.WebNonTxEmCloserValve.invoke(WebNonTxEmCloserValve.java:50) [jboss-as-jpa-7.1.1.Final.jar:7.1.1.Final] at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:153) [jboss-as-web-7.1.1.Final.jar:7.1.1.Final] at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155) [jbossweb-7.0.13.Final.jar:] at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) [jbossweb-7.0.13.Final.jar:] at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) [jbossweb-7.0.13.Final.jar:] at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:368) [jbossweb-7.0.13.Final.jar:] at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877) [jbossweb-7.0.13.Final.jar:] at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:671) [jbossweb-7.0.13.Final.jar:] at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:930) [jbossweb-7.0.13.Final.jar:] at java.lang.Thread.run(Thread.java:744) [rt.jar:1.7.0_55] 我们有一个类在执行操作之前注册通信协议,如下所示:
import java.io.FileInputStream; import java.io.IOException; import java.io.InputStream; import java.net.InetAddress; import java.net.InetSocketAddress; import java.net.Socket; import java.net.SocketAddress; import java.net.UnknownHostException; import java.security.KeyManagementException; import java.security.KeyStore; import java.security.KeyStoreException; import java.security.NoSuchAlgorithmException; import java.security.Principal; import java.security.PrivateKey; import java.security.cert.CertificateException; import java.security.cert.X509Certificate; import java.util.logging.Level; import java.util.logging.Logger; import javax.net.SocketFactory; import javax.net.ssl.KeyManager; import javax.net.ssl.SSLContext; import javax.net.ssl.TrustManager; import javax.net.ssl.TrustManagerFactory; import javax.net.ssl.X509KeyManager; import org.apache.commons.httpclient.ConnectTimeoutException; import org.apache.commons.httpclient.params.HttpConnectionParams; import org.apache.commons.httpclient.protocol.ProtocolSocketFactory; import br.com.ps.transp.util.Const; public class HSProtocolSocketFactory implements ProtocolSocketFactory { private static final String TRUSTSTORE = System.getProperty("javax.net.ssl.trustStore"); private SSLContext ssl = null; private X509Certificate certificate; private PrivateKey privateKey; public HSProtocolSocketFactory(X509Certificate certificate, PrivateKey privateKey) { this.certificate = certificate; this.privateKey = privateKey; } private SSLContext createSSLContext() { try { KeyManager[] keyManagers = createKeyManagers(); TrustManager[] trustManagers = createTrustManagers(); SSLContext sslContext = SSLContext.getInstance("TLS"); sslContext.init(keyManagers, trustManagers, null); return sslContext; } catch (KeyManagementException e) { Logger.getLogger(HSProtocolSocketFactory.class.getName()).log(Level.SEVERE, null, e); } catch (KeyStoreException e) { Logger.getLogger(HSProtocolSocketFactory.class.getName()).log(Level.SEVERE, null, e); } catch (NoSuchAlgorithmException e) { Logger.getLogger(HSProtocolSocketFactory.class.getName()).log(Level.SEVERE, null, e); } catch (CertificateException e) { Logger.getLogger(HSProtocolSocketFactory.class.getName()).log(Level.SEVERE, null, e); } catch (IOException e) { Logger.getLogger(HSProtocolSocketFactory.class.getName()).log(Level.SEVERE, null, e); } return null; } private SSLContext getSSLContext() { if (ssl == null) { ssl = createSSLContext(); } return ssl; } public Socket createSocket(String host, int port, InetAddress localAddress, int localPort, HttpConnectionParams params) throws IOException, UnknownHostException, ConnectTimeoutException { if (params == null) { throw new IllegalArgumentException("Parameters may not be null"); } int timeout = params.getConnectionTimeout(); SocketFactory socketfactory = getSSLContext().getSocketFactory(); if (timeout == 0) { return socketfactory.createSocket(host, port, localAddress, localPort); } Socket socket = socketfactory.createSocket(); SocketAddress localaddr = new InetSocketAddress(localAddress, localPort); SocketAddress remoteaddr = new InetSocketAddress(host, port); socket.bind(localaddr); try { socket.connect(remoteaddr, timeout); } catch (Throwable t) { Logger.getLogger(HSProtocolSocketFactory.class.getName()).log(Level.SEVERE, null, t); throw new ConnectTimeoutException("Connection timeout error", t); } return socket; } public Socket createSocket(String host, int port, InetAddress clientHost, int clientPort) throws IOException, UnknownHostException { return getSSLContext().getSocketFactory().createSocket(host, port, clientHost, clientPort); } public Socket createSocket(String host, int port) throws IOException, UnknownHostException { return getSSLContext().getSocketFactory().createSocket(host, port); } public Socket createSocket(Socket socket, String host, int port, boolean autoClose) throws IOException, UnknownHostException { return getSSLContext().getSocketFactory().createSocket(socket, host, port, autoClose); } public KeyManager[] createKeyManagers() { HSKeyManager keyManager = new HSKeyManager(certificate, privateKey); return new KeyManager[] { keyManager }; } public TrustManager[] createTrustManagers() throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException { KeyStore trustStore = KeyStore.getInstance("JKS"); char[] senhaTrustStore = Const.SENHA_CACERTS.toCharArray(); InputStream inputCacerts = null; inputCacerts = new FileInputStream(TRUSTSTORE); trustStore.load(inputCacerts, senhaTrustStore); TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); trustManagerFactory.init(trustStore); return trustManagerFactory.getTrustManagers(); } class HSKeyManager implements X509KeyManager { private X509Certificate certificate; private PrivateKey privateKey; public HSKeyManager(X509Certificate certificate, PrivateKey privateKey) { this.certificate = certificate; this.privateKey = privateKey; } public String chooseClientAlias(String[] arg0, Principal[] arg1, Socket arg2) { return certificate.getIssuerDN().getName(); } public String chooseServerAlias(String arg0, Principal[] arg1, Socket arg2) { return null; } public X509Certificate[] getCertificateChain(String arg0) { return new X509Certificate[] { certificate }; } public String[] getClientAliases(String arg0, Principal[] arg1) { return new String[] { certificate.getIssuerDN().getName() }; } public PrivateKey getPrivateKey(String arg0) { return privateKey; } public String[] getServerAliases(String arg0, Principal[] arg1) { return null; } } }
在进行沟通之前我们称之为:
Protocol protocol = new Protocol("https", new HSProtocolSocketFactory(x509Certificate, privateKey), 443); Protocol.registerProtocol("https", protocol);
我们已经看到许多关于在OpenShift上绑定端口的post,但没有明确解释。
我再次说,在本地它正在发送和接收完全符合预期。
任何人都知道我们可以做些什么来解决这个问题?
提前致谢。
可能默认的SocketFactory尝试绑定到0.0.0.0或127.0.0.1 。
您必须确保httpclient使用未明确绑定到客户端接口的协议套接字工厂。
请参阅此处的讨论和建议的解决方案: https : //www.openshift.com/forums/openshift/commons-httpclient-permission-denied
您必须确保httpclient使用未明确绑定到客户端接口的协议套接字工厂。
在进行绑定到客户端套接字的连接时,这不是100%真实。 诀窍是绑定到非受限制的端口。 当您请求客户端套接字时,通常会为您处理此问题。
我的猜测是,openshift要么阻止你试图绑定的端口(因为你不让它给你一个开放端口),套接字工厂应该让你进行连接。
它也有可能但是不太可能,selinux阻止你,阻止你从openshifts服务器发出DOS攻击。