tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 35514] New: - Cannot access Tomcat server when run as service with a non-priveledged account
Date Mon, 27 Jun 2005 15:01:25 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=35514>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=35514

           Summary: Cannot access Tomcat server when run as service with a
                    non-priveledged account
           Product: Tomcat 5
           Version: 5.5.9
          Platform: PC
        OS/Version: Windows XP
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Catalina
        AssignedTo: tomcat-dev@jakarta.apache.org
        ReportedBy: nlk5959@ksu.edu


Greetings. Sorry if this is fairly obvious, but I've been researching this
heavily for quite some time and could not come up with anything.

I'm interested in having Tomcat run as a service under an unpriveledged account
in order to minimize security risks. I am able to change the "Log on as" user
for Tomcat with the Windows Services manager. If it is an Administrative account
such as "Local System," then I am able to access the server just fine. However,
if it is an unpriveledged user, such as a user of group Users or the pre-defined
LOCAL SERVICE and NETWORK SERVICE accounts, then I cannot access the server. The
service appears to start and run just fine, but when I point a browser to the
server it sits there spinning. It seems to me that this indicates that it is
able to contact the server well enough, but that the server is prevented from
running something because of its lesser priveledges. I checked the logs, but
they don't relate anything beyond startup and shutdown entries.

Ideally, it would be nice to have it run as LOCAL SERVICE or NETWORK SERVICE
because these are pre-defined accounts for this purpose.

Thanks a lot.

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org


Mime
View raw message