Java – Handshake failed – connection prematurally closed error when debugging Solr in Intellij


So i was going to debug my Solr filter plugins on Intellij Community Edition. After i ran the program from comand prompt with this command

java -jar start.jar -agentlib:jdwp=transport=dt_socket,server=y,suspend=y,address=8983

I started my Intellij debugger with this config:

Transport : socket
Debugger mode : attach
Host : localhost
Port : 8983

But when I ran the debugger I got this error:

Error running Debugger: Unable to open debugger port (localhost:8983): "handshake failed - connection prematurally closed"

Any idea how to fix this?

Best Solution

I got that error when trying to access to debug port on a Docker container.

If you are trying to access the debug port inside a Docker container make sure you are specifying the port as *:5005



This has been changes since Java 9.

See: REGRESSION: Remote debugging does not work on JDK 9

It's not a bug. It's a security.

Before the JDK-8041435

If you have a server with EXT and INT interfaces and start Java process with address=5900 it binds to both interfaces and allow anybody from entire world to connect to your java process unless you block it on firewall.

After JDK-8041435 socket transport try to guess localhost and bind to localhost only. I.e. socket transport by default works only if both client and server are located on the same machine. It's not an easy task to guess proper localhost. so ever same-machine configuration might not work in some situation because of network setup.

You can restore old, insecure behavior using * (asteric) i.e. -agentlib:jdwp=transport=dt_socket,server=y,suspend=y,address=*:5900 should work exactly as it was before JDK-8041435

But it's recommended to explicitly specify ip address to bind when it possible.

And JDWP socket connector accept only local connections by default

The JDWP socket connector has been changed to bind to localhost only if no ip address or hostname is specified on the agent command line. A hostname of asterisk (*) may be used to achieve the old behavior which is to bind the JDWP socket connector to all available interfaces; this is not secure and not recommended.

Related Question