cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Eoghan Glynn <eogl...@gmail.com>
Subject Re: Jow to publish web service using port 443 (SSL) / java.net.SocketException: Permission denied issue
Date Wed, 25 Mar 2009 11:28:11 GMT
Are you running on Linux perchance?

AFAIK most *nix variants disallow non-root users from listening on ports
less than 1024.

To avoid running your server with root privileges, you can use xinetd to
re-direct any traffic from the standard SSL port 443 to some other port >
1024.

Cheers,
Eoghan


2009/3/25 XyLus <maciej.kwiecien@gmail.com>

>
> Hello All,
>
> I am working on web service that should support SSL (the requirement is to
> publish webservice using port 443).
>
> I have following server-config.xml
>
>
> <beans xmlns="http://www.springframework.org/schema/beans"...>
>
>        <http:conduit
>
> name="{http://vn.my.site.com/uploader}UploadServicePort.http-conduit<http://vn.my.site.com/uploader%7DUploadServicePort.http-conduit>
> ">
>
>                <http:client AutoRedirect="true" ConnectionTimeout="10000"
>                        ReceiveTimeout="10000" AllowChunking="false"
>                         />
>        </http:conduit>
>
>
>        <httpj:engine-factory>
>                <httpj:engine port="9001">
>                        <httpj:tlsServerParameters>
>                                <sec:keyManagers keyPassword="password">
>                                        <sec:keyStore type="JKS"
> password="password"
>
> resource="server_ssl_keystore.jks" />
>                                </sec:keyManagers>
>
>                                <sec:cipherSuitesFilter>
>                                        <!-- these filters ensure that a
> ciphersuite with
>                                                export-suitable or null
> encryption is used,
>                                                but exclude anonymous
> Diffie-Hellman key change as
>                                                this is vulnerable to
> man-in-the-middle attacks -->
>
> <sec:include>.*_EXPORT_.*</sec:include>
>
> <sec:include>.*_EXPORT1024_.*</sec:include>
>
> <sec:include>.*_WITH_DES_.*</sec:include>
>
> <sec:include>.*_WITH_NULL_.*</sec:include>
>
> <sec:exclude>.*_DH_anon_.*</sec:exclude>
>                                </sec:cipherSuitesFilter>
>                        </httpj:tlsServerParameters>
>                </httpj:engine>
>        </httpj:engine-factory>
>
>
> In addtion to this configuration  I use following address to publish web
> service http://localhost:443/UploadService
>
>
>
> This configuration works fine on my local box but when I start it on server
> box I get exception:
> java.net.SocketException: Permission denied (entire stack trace you can
> find
> at the end of this post)
>
> I have two questions:
> 1. Have  I got correct configuration to publish web service on 443 port
> (and
> to use SSL)
> 2. Given that my configuration is correct - what should I change in JVM
> security configuration to solve java.net.SocketException: Permission denied
> error
>
>
> Useful hint would be appreciated.
>
> Regards,
> Maciej
>
>
>
>
>
>
> java.net.SocketException: Permission denied
>        at sun.nio.ch.Net.bind(Native Method)
>        at
> sun.nio.ch.ServerSocketChannelImpl.bind(ServerSocketChannelImpl.java:119)
>        at sun.nio.ch.ServerSocketAdaptor.bind(ServerSocketAdaptor.java:59)
>        at
>
> org.mortbay.jetty.nio.SelectChannelConnector.open(SelectChannelConnector.java:205)
>        at
>
> org.mortbay.jetty.nio.SelectChannelConnector.doStart(SelectChannelConnector.java:304)
>        at
> org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:39)
>        at org.mortbay.jetty.Server.doStart(Server.java:233)
>        at
> org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:39)
>        at
>
> org.apache.cxf.transport.http_jetty.JettyHTTPServerEngine.addServant(JettyHTTPServerEngine.java:305)
>        at
>
> org.apache.cxf.transport.http_jetty.JettyHTTPDestination.activate(JettyHTTPDestination.java:155)
>        at
>
> org.apache.cxf.transport.AbstractObservable.setMessageObserver(AbstractObservable.java:48)
>        at
>
> org.apache.cxf.binding.AbstractBindingFactory.addListener(AbstractBindingFactory.java:166)
>        at
>
> org.apache.cxf.binding.soap.SoapBindingFactory.addListener(SoapBindingFactory.java:734)
>        at org.apache.cxf.endpoint.ServerImpl.start(ServerImpl.java:122)
>        at
> org.apache.cxf.jaxws.EndpointImpl.doPublish(EndpointImpl.java:264)
>        at org.apache.cxf.jaxws.EndpointImpl.publish(EndpointImpl.java:202)
>        at
>
> org.apache.cxf.jaxws.spi.ProviderImpl.createAndPublishEndpoint(ProviderImpl.java:84)
>        at javax.xml.ws.Endpoint.publish(Endpoint.java:156)
>        at
>
> com.sabre.ssg.vn.uploader.UploadServiceServer.<init>(UploadServiceServer.java:47)
>        at
>
> com.sabre.ssg.vn.uploader.UploadServiceServer.main(UploadServiceServer.java:58)
> Mar 25, 2009 4:36:28 AM sun.reflect.NativeMethodAccessorImpl invoke0
> WARNING: failed Server@26796e1c
> java.net.SocketException: Permission denied
>        at sun.nio.ch.Net.bind(Native Method)
>        at
> sun.nio.ch.ServerSocketChannelImpl.bind(ServerSocketChannelImpl.java:119)
>        at sun.nio.ch.ServerSocketAdaptor.bind(ServerSocketAdaptor.java:59)
>        at
>
> org.mortbay.jetty.nio.SelectChannelConnector.open(SelectChannelConnector.java:205)
>        at
>
> org.mortbay.jetty.nio.SelectChannelConnector.doStart(SelectChannelConnector.java:304)
>        at
> org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:39)
>        at org.mortbay.jetty.Server.doStart(Server.java:233)
>        at
> org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:39)
>        at
>
> org.apache.cxf.transport.http_jetty.JettyHTTPServerEngine.addServant(JettyHTTPServerEngine.java:305)
>        at
>
> org.apache.cxf.transport.http_jetty.JettyHTTPDestination.activate(JettyHTTPDestination.java:155)
>        at
>
> org.apache.cxf.transport.AbstractObservable.setMessageObserver(AbstractObservable.java:48)
>        at
>
> org.apache.cxf.binding.AbstractBindingFactory.addListener(AbstractBindingFactory.java:166)
>        at
>
> org.apache.cxf.binding.soap.SoapBindingFactory.addListener(SoapBindingFactory.java:734)
>        at org.apache.cxf.endpoint.ServerImpl.start(ServerImpl.java:122)
>        at
> org.apache.cxf.jaxws.EndpointImpl.doPublish(EndpointImpl.java:264)
>        at org.apache.cxf.jaxws.EndpointImpl.publish(EndpointImpl.java:202)
>        at
>
> org.apache.cxf.jaxws.spi.ProviderImpl.createAndPublishEndpoint(ProviderImpl.java:84)
>        at javax.xml.ws.Endpoint.publish(Endpoint.java:156)
>        at
>
> com.sabre.ssg.vn.uploader.UploadServiceServer.<init>(UploadServiceServer.java:47)
>        at
>
> com.sabre.ssg.vn.uploader.UploadServiceServer.main(UploadServiceServer.java:58)
> javax.xml.ws.WebServiceException: org.apache.cxf.interceptor.Fault: Could
> not start Jetty server: Permission denied
>        at
> org.apache.cxf.jaxws.EndpointImpl.doPublish(EndpointImpl.java:268)
>        at org.apache.cxf.jaxws.EndpointImpl.publish(EndpointImpl.java:202)
>        at
>
> org.apache.cxf.jaxws.spi.ProviderImpl.createAndPublishEndpoint(ProviderImpl.java:84)
>        at javax.xml.ws.Endpoint.publish(Endpoint.java:156)
>        at
>
> com.sabre.ssg.vn.uploader.UploadServiceServer.<init>(UploadServiceServer.java:47)
>        at
>
> com.sabre.ssg.vn.uploader.UploadServiceServer.main(UploadServiceServer.java:58)
> Caused by: org.apache.cxf.interceptor.Fault: Could not start Jetty server:
> Permission denied
>        at
>
> org.apache.cxf.transport.http_jetty.JettyHTTPServerEngine.addServant(JettyHTTPServerEngine.java:328)
>        at
>
> org.apache.cxf.transport.http_jetty.JettyHTTPDestination.activate(JettyHTTPDestination.java:155)
>        at
>
> org.apache.cxf.transport.AbstractObservable.setMessageObserver(AbstractObservable.java:48)
>        at
>
> org.apache.cxf.binding.AbstractBindingFactory.addListener(AbstractBindingFactory.java:166)
>        at
>
> org.apache.cxf.binding.soap.SoapBindingFactory.addListener(SoapBindingFactory.java:734)
>        at org.apache.cxf.endpoint.ServerImpl.start(ServerImpl.java:122)
>        at
> org.apache.cxf.jaxws.EndpointImpl.doPublish(EndpointImpl.java:264)
>        ... 5 more
> Caused by: java.net.SocketException: Permission denied
>        at sun.nio.ch.Net.bind(Native Method)
>        at
> sun.nio.ch.ServerSocketChannelImpl.bind(ServerSocketChannelImpl.java:119)
>        at sun.nio.ch.ServerSocketAdaptor.bind(ServerSocketAdaptor.java:59)
>        at
>
> org.mortbay.jetty.nio.SelectChannelConnector.open(SelectChannelConnector.java:205)
>        at
>
> org.mortbay.jetty.nio.SelectChannelConnector.doStart(SelectChannelConnector.java:304)
>        at
> org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:39)
>        at org.mortbay.jetty.Server.doStart(Server.java:233)
>        at
> org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:39)
>        at
>
> org.apache.cxf.transport.http_jetty.JettyHTTPServerEngine.addServant(JettyHTTPServerEngine.java:305)
>        ... 11 more
>
>
>
>
>
> --
> View this message in context:
> http://www.nabble.com/Jow-to-publish-web-service-using-port-443-%28SSL%29----java.net.SocketException%3A-Permission-denied-issue-tp22698473p22698473.html
> Sent from the cxf-user mailing list archive at Nabble.com.
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message