tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Peter Crowther" <Peter.Crowt...@melandra.com>
Subject RE: Tomcat as root and security issues
Date Fri, 26 Jan 2007 11:55:04 GMT
> From: Gaurav Kushwaha [mailto:gaurav.kushwaha@gmail.com] 
> I read somewhere that if I want to run Tomcat standalone on 
> port 80, I will
> have to run it as root and that this is potentially unsafe. 

True on UNIX, false on Windows.

> Is there any way
> for me to run it on port 80 without having to give the root 
> privileges to the process.

The simplest I've found on most UNIXes is to use the firewall's
facilities to forward port 80/tcp to 8080/tcp.  Set Tomcat up on 8080,
and incoming requests will arrive at Tomcat's port.

If you do this, be aware that any code in Tomcat that writes URLs may do
the wrong thing unless you include the proxyPort attribute in your HTTP
connector config in server.xml:

	<Connector port="8080" proxyPort="80" .../>

Hope this helps.

		- Peter

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message