tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "David Rodríguez Fernández" <davi...@zdn.es>
Subject Re: Removing the port identifier
Date Wed, 15 Aug 2007 10:40:06 GMT
You can execute tihs iptables line (if you are using linux) directly in the
server where you run tomcat (substitute xxx.xxx.xxx.xxx whith the ip address
of your linux box):

iptables -t nat -A PREROUTING -d xxx.xxx.xxx.xxx -p tcp -m tcp --dport 443
-j DNAT --to-destination xxx.xxx.xxx.xxx:8443


On 8/14/07, Stephen Caine <stephen@commongrnd.com> wrote:
>
> Is there a way to remove the port number from a https request where
> the original url looks something like this:
>
> https://host_name:8443/
>
> The approach to change the server.xml file (where the connector port
> is changed from 8443 to 443) is not practical for us.  When this is
> done, Tomcat requires the root user to run.  We consider this a
> security risk.
>
> We have considered a port forwarder, but we are unclear whether to
> install this on the Tomcat server or router.  In any event, we are
> not at all sure this is the best approach.  Any advice will be
> appreciated.  Our operating system is Mac OS X.
>
> Thanks,
>
> Stephen
>
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>


-- 
Nadie es tan joven que no se pueda morir mañana, ni tan viejo que no pueda
vivir un día más.

– La Celestina (Fernando de Rojas, 1499)

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message