tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher Schultz <ch...@christopherschultz.net>
Subject Re: Binding a non root user to port 443
Date Tue, 13 Mar 2018 18:02:54 GMT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Chris,

On 3/13/18 1:26 PM, Cheltenham, Chris wrote:
> Is there a way to redirect ports 80 and 443 to 8443.
> 
> I have a non root user but I cannot use CentOS firewalld nor
> iptables.

How about authbind?

> I have tried these things.
> 
> <Connectorport="443"protocol="HTTP/1.1" enableLookups="false" 
> redirectPort="8443"/>

The redirectPort here is useless (it's for redirecting non-secure
traffic to a secure port). Here, you are already secure (and
redirecting to 8443 won't go anywhere. Just remove the attribute.

> But it still fails.

This will fail on most *NIXs because non-root can't bind to ports
below 1024.

Are you able to run jsvc? It will allow you to bind to ports and then
drop privileges.

- -chris
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQJRBAEBCAA7FiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlqoEk4dHGNocmlzQGNo
cmlzdG9waGVyc2NodWx0ei5uZXQACgkQHPApP6U8pFie3Q/9EQNO8FUrJOT1RvK1
L1/kh37xsg6P0QwQJmPf2FT1jyw1485BHU6v1WlOAj65RskoRj0YDgCXb4EKlKqm
Tla1205+El0ZjIKzKVUnipqmmIDcGgaHq+T1BV4L3KSKHa4t4Kf1c42xkuXA0XkJ
bV2kCbZU29Utz82hNZmOK86X2RwveoNipPMDjJQFhm/inikE8tYhhl4qsoTPnpEW
FQMB3+KkPvtdju2B9vW2mv85z6kBlDA3A4DfhOsnjJ0mBkcICGogRJ8Y1qMAfnGm
z+4vH9Lf83Qdr3XNW/il4Viv5DjM9KpO5oZZuSSGdax0wMyqgY/dgEVPc0NSRkAj
z+uhAXSjx03DGCmSpcO8txRT3f/uLiRRz5RxH9s4U1eLbXXdqhpZaum4x0uLhzC5
t3+GKGCtE5pqvLg6lyikKHF8SQjS1EGL1Za3Nsqi0Yy09I8QHoHuTRP1MyobGB7p
h191divVIstWkpcAtO4rkTw5dWepGGFUBmxrJQ60zMMOgYlXTYWpbQAqjKmQcNd/
cQpMhSbKBEFOYjEvlF4d7afAsF/6ir3/Ye2oLzmdADvzgMBZzRkSnlVZc7X4m60C
d8c9S6NIwVhZuio2ydZ1wHQ73bXoxyt+wO6+3AiE0ixYH/9IC8hbYQwOCSjXm6ti
05E7jxsIcHs2su73QTyy0rUIkdQ=
=XLrN
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message