tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher Schultz <ch...@christopherschultz.net>
Subject Re: For some reason, the AUTHBIND approach isn't working with 8.5
Date Thu, 07 Sep 2017 21:49:43 GMT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Guang,

On 9/7/17 3:22 AM, Guang Chao wrote:
> On Thu, Sep 7, 2017 at 8:02 AM, James H. H. Lampert < 
> jamesl@touchtonecorp.com> wrote:
> 
>> A little over a month ago, I had a problem with getting Tomcat 7
>> to bind to port 443 on Debian.
>> 
>> We solved that problem with the "authbind" approach.
>> 
>> Now, I'm attempting to do the same with Tomcat 8.5, and it's not
>> working.
>> 
>> 06-Sep-2017 23:47:46.293 SEVERE [main]
>> org.apache.coyote.AbstractProtocol.init
>>> Failed to initialize end point associated with ProtocolHandler 
>>> ["https-jsse-nio-443"] java.net.SocketException: Permission
>>> denied [snip]
> 
> You can not use port below 1024 if service is non root.

This is not true.

Authbind exists solely for the purpose of making your above statement
not true.

> You can use routing via iptables

Not necessary. Authbind should work.

> Another option is have a reverse proxy, e.g. nginx listening on
> 443 fronting your tomcat listening on a higher port.

Not necessary. Authbind should work.

- -chris


-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBCAAGBQJZsb72AAoJEBzwKT+lPKRY4kIP/RZEYZU5kvkCvj0P4xBMnqlg
5VsNoakhDYMfrFiuUOv07fa7FMe/3CRB9XGsgvxalb64rubSlW2Sv9GuimiVQOxA
1CTw/0jpG3hRhfni3sm+j3Jt4SyupZGnMTA0qmJ5L2SLCD649lBBeVYT0pVHGGeq
MjxxtLSlq3dc+/N/txOTbA4g1DFdGq7RWtDClZFn0WC7KKP85K1Nihy9ks+eM8kE
FaD6OSNm4qQp9z4ndMVRl3qFTpa9FgjfTHnTbBvqh9DiSK4yGtbIPlB8gOvo1SRe
jV07adGTv1k+4YE01fNL/4ux5BiuhhPkxymKPuGl2SEl6Fe+6JRxy/1Yj4ZyUJVA
LGhMjR4FeguSq5aMY+f/ZOgUZnDk3XyWsZCf46NESacUFkUoo/NU7U2EwJHq4LT3
AxOd8IQoHR0/nHnLJc5uKlwh9m7xnS0Ut7h9u67YtJz01Ty5QQWnDaIlqiadpU1C
4mgYggSyDyBFyo17xph1lfCDuX8Pa8l59ENq4lWdZj0xdwQuHdkhr1SpvBWB4fj/
EeALJW34jkaAh7fc04ax5V9DB7dBKe3MxVtIEpaA1ULW2b4mQpucBe4fnipMESwR
IXK4JCJnrnDrCRFwp8uKukQd50rlGIRWkuIfoIDdiLN45vD50g6zP6G3vvWFTNYb
mA57urLiLLRdPuQDNrd7
=Jpc6
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message