Reputation: 967
How to force Thrift to only accept connections from the localhost
I have a Java application that spins up multiple c++ processes. It communicates with these processes via Thrift RPC. For security purposes, I'd like to force the Thrift servers (c++ processes) to only accept connections from the localhost. I assumed it would be easy to bind the thrift socket to the loopback address, but after some googling I have not found an adequate solution. Am I missing something? Is there a way to bind thrift connections to an ip?
Thank you
Upvotes: 1
Views: 212
Answers (1)
Reputation: 13421
Not with builtin tools.
There is a concept of "processor events" implemented for certain language bindings. Not sure if they are for Java, but that could be worth a try.
Another apoproach would involve the creation of a customized TTransport implementation that checks the incoming connection.
Upvotes: 1
Related Questions
- Apache Thrift server as client
- apache thrift C++ server timeout client connections
- How to enable TNonblockingServer while I'm building Thrift 0.9.2
- How to connect to a remote thrift server via thrift client
- Thrift in python, client of simple example can not connect to local host on Ubuntu 14.04 LTS
- apache Thrift TNonblockingServer Error
- thrift: changing from tSimpleServer to TNonblockingServer
- Apache Thrift: Open and close transport automatically in C++
- Why does the HBase Thrift API always return a thrift client connection
- How to stop thrift TNonblockingServer in C++?