tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Rob S." <rsli...@home.com>
Subject RE: configuring a single port
Date Wed, 12 Jul 2000 02:37:08 GMT
Hi Brian,

> is there a way to configure everything on tomcat to use a single port?
> I have apache 1.3.12 on red hat, tomcat 3.2beta1. instead of
> creating ports
> 8080 and 8007 I want everything to go to 80 which is where i am serving
> httpd from.
> Does this create a security loophole, or am i missing something
> archetectually about
> setting up ports for contexts.

Processes, lightweight or otherwise, "bind" to ports, and only one may be
bound to a port at a time.  If you start Tomcat and listening on 8080, and
then try and start Apache to listen on 8080, you'll see that this is indeed
the case =)

Thinking through implementationally, I can't think of a reason why many
protocols could not use the same port.  But imagine how that would work in
practice.  A request comes in.  Which protocol is it?  What if one protocol
is plain text, and one is encoded?  Then it's even more difficult to tell
which is which, I imagine.  That's a lot of unnecessary checking that could
be saved by using any number of available ports =)  That's just me
surmising.  I've not much experience with things at that level ;)

AJP is used for internal Tomcat/JServ/Apache communication, not for talking
to the outside world.  I'm no IP security expert, so I don't know if there's
a way to say that all requests to a particular port must come from the
localhost (re: Apache <---> Tomcat via AJP).

Err... are you saying you don't want Tomcat to run its HTTP server?

Then just comment out the handler for HTTP (the one that binds to 8080 in
Tomcat's server.xml file).

Hope this all helped at one level or another ;)

- Rob


Mime
View raw message