tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject Re: changing user/group tomcat is running as
Date Wed, 26 Nov 2003 22:50:08 GMT
Hi Marten,
 We're struggling with this same issue on AIX 5.2. If you're on linux
Check this out:

see: "Kernel space port forwarding"

Since AIX doesn't have iptables we may end up just using port 8080 and
8443 as the service is limited to around 300 internal users....

If anyone knows of a comparable solution on AIX please chime in.


On Wed, 26 Nov 2003, Marten Lehmann wrote:
> Hello,
> after almost comleting Oreilly's "Tomcat - The Definitive Guide", the
> only thing mentioned there about changing the user tomcat is running as
> is to put it into a chroot-environment, whereby the chroot is not as
> important as changing the user and group in the same step. Without doing
> chroot-things, I likewise could use "su tomcat -c ./", right?
> But no matter if I use chroot or su to do this, I have the drawback,
> that I can't use port 80 for http nor 433 for https, because access to
> this is restricted to the root user. Is there any way to change the user
> after tomcat has start up like the User and Group directives in
> apache-httpd? Running tomcat as root seems like a security flaw to me. I
> don't want to set up an additional apache-httpd at port 80 and 443 which
> communicates with tomcat on ports > 1023. Any ideas?
> Regards
> Marten
> ---------------------------------------------------------------------
> To unsubscribe, e-mail:
> For additional commands, e-mail:

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message