You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Frank Nguyen <fr...@youcaddy.com> on 2007/02/21 16:51:44 UTC
Get rid of 8080 port in Tomcat 3.3
Hi,
We’re still running 3.3.1 – We’d like to get rid of specifying the port 8080
in the http request like HYPERLINK
"http://www.something.com:8080/"http://www.something.com:8080 and have it
default to 80 (HYPERLINK "http://www.somehting.com/"http://www.somehting.com
only) but could not find any way. I tried to define port=80 in server.xml
but tomcat threw exceptions. If you know a way, could you help ?
Thanks in advance,
Frank Nguyen
--
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.5.441 / Virus Database: 268.18.1/691 - Release Date: 2/17/2007
5:06 PM
--
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.5.441 / Virus Database: 268.18.1/691 - Release Date: 2/17/2007
5:06 PM
Re: Get rid of 8080 port in Tomcat 3.3
Posted by Stefan <st...@telig.de>.
Steffen Heil schrieb:
> Hi
>
>
>> That's the way You should go:
>> http://www.linux.org.mt/article/tomcat-ports
>>
>
> I totally disagree.
> First, it would surely be best to update to 6.0 and run it using jsvc....
>
> However, let's look at the solution in the link above.
>
> 1. "The Apache solution". (Which should be called the "httpd" solution.)
> This will work, and might be okay, if you are already running apache on that
> system.
> BUT tomcat itself can be faster (at least newer ones, I don't know about
> 3.x) without httpd.
>
> 2. The IP tables solution
> You webapplication will not know about the different port and encode urls
> incorrecly. Bad Idea and impossible if SSL is required.
>
> 3. The rinetd solution
> Good for development and tests. Adds a little overhead AND destroy a lot of
> logging and security, as tomcat will always see ONE client ip.
>
> 4. IPchains alternative
> see 2.
>
> UPGRADE.
> Otherwise get jsvc to work for you.
>
> Regards,
> Steffen
>
Hi Steffen, good point. Neither logging nor the security was ever a
problem for us, so we did not even notice ;-). The applications work
fine for several years in production (a cocoon 2.0 and some struts based
applications) and we did not encounter encoding problems. I'm not
experienced with network protocols but for me it looks like tomcat logs
the address information on ip level, but servlets work with the ip
address of the http request. This information should not be influenced
by rinetd or iptables.
Yes, the jsvc seems the correct approach. We'll change, when 6.0 reaches
production quality.
Thanks and regards
Stefan
--
Stefan Riegel
TELIG GmbH
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Get rid of 8080 port in Tomcat 3.3
Posted by Paul Singleton <pa...@jbgb.com>.
Steffen Heil wrote:
> Hi
>
>> That's the way You should go:
>> http://www.linux.org.mt/article/tomcat-ports
>
> I totally disagree.
> First, it would surely be best to update to 6.0 and run it using jsvc....
>
> However, let's look at the solution in the link above.
>
> 1. "The Apache solution". (Which should be called the "httpd" solution.)
> This will work, and might be okay, if you are already running apache on that
> system.
> BUT tomcat itself can be faster (at least newer ones, I don't know about
> 3.x) without httpd.
>
> 2. The IP tables solution
> You webapplication will not know about the different port and encode urls
> incorrecly. Bad Idea and impossible if SSL is required.
Dunno whether there are flaws in the particular solution
which Stefan referred to, but your assertions about
iptables solutions are not generally true.
Using well documented iptables port mapping techniques
you can run Tomcat 5.5 as non-privileged user, with SSL
on port 443 on several address-based virtual hosts, each
with their own certificates. No jsvc (or any other s/ware
or processes) required. URL encoding works as intended
(indeed, we rely on it exclusively, configuring Tomcat to
never send cookies). This solution in production > 1 year.
What's the basis for your claims?
> 3. The rinetd solution
> Good for development and tests. Adds a little overhead AND destroy a lot of
> logging and security, as tomcat will always see ONE client ip.
>
> 4. IPchains alternative
> see 2.
>
> UPGRADE.
> Otherwise get jsvc to work for you.
>
> Regards,
> Steffen
Paul Singleton
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
RE: Get rid of 8080 port in Tomcat 3.3
Posted by Steffen Heil <li...@steffen-heil.de>.
Hi
> That's the way You should go:
> http://www.linux.org.mt/article/tomcat-ports
I totally disagree.
First, it would surely be best to update to 6.0 and run it using jsvc....
However, let's look at the solution in the link above.
1. "The Apache solution". (Which should be called the "httpd" solution.)
This will work, and might be okay, if you are already running apache on that
system.
BUT tomcat itself can be faster (at least newer ones, I don't know about
3.x) without httpd.
2. The IP tables solution
You webapplication will not know about the different port and encode urls
incorrecly. Bad Idea and impossible if SSL is required.
3. The rinetd solution
Good for development and tests. Adds a little overhead AND destroy a lot of
logging and security, as tomcat will always see ONE client ip.
4. IPchains alternative
see 2.
UPGRADE.
Otherwise get jsvc to work for you.
Regards,
Steffen
RE: Get rid of 8080 port in Tomcat 3.3
Posted by Frank Nguyen <fr...@youcaddy.com>.
Great article! Yes, this is the way to do it! Many thanks.
Frank Nguyen
-----Original Message-----
From: Stefan [mailto:stefan.riegel@telig.de]
Sent: Wednesday, February 21, 2007 10:43 AM
To: Tomcat Users List
Subject: Re: Get rid of 8080 port in Tomcat 3.3
Frank Nguyen schrieb:
> Hi,
>
>
>
> We’re still running 3.3.1 – We’d like to get rid of specifying the port
8080
> in the http request like HYPERLINK
> "http://www.something.com:8080/"http://www.something.com:8080 and have it
> default to 80 (HYPERLINK
"http://www.somehting.com/"http://www.somehting.com
> only) but could not find any way. I tried to define port=80 in server.xml
> but tomcat threw exceptions. If you know a way, could you help ?
>
>
>
> Thanks in advance,
>
>
>
>
>
> Frank Nguyen
>
>
> --
> No virus found in this outgoing message.
> Checked by AVG Free Edition.
> Version: 7.5.441 / Virus Database: 268.18.1/691 - Release Date: 2/17/2007
> 5:06 PM
>
>
>
>
That's the way You should go:
http://www.linux.org.mt/article/tomcat-ports
We run several tomcat servers standalone with the combination of rinetd
and iptables.
Good luck
Stefan
--
Stefan Riegel
TELIG GmbH
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
--
No virus found in this incoming message.
Checked by AVG Free Edition.
Version: 7.5.441 / Virus Database: 268.18.1/691 - Release Date: 2/17/2007
5:06 PM
--
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.5.441 / Virus Database: 268.18.1/691 - Release Date: 2/17/2007
5:06 PM
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Get rid of 8080 port in Tomcat 3.3
Posted by Stefan <st...@telig.de>.
Frank Nguyen schrieb:
> Hi,
>
>
>
> We’re still running 3.3.1 – We’d like to get rid of specifying the port 8080
> in the http request like HYPERLINK
> "http://www.something.com:8080/"http://www.something.com:8080 and have it
> default to 80 (HYPERLINK "http://www.somehting.com/"http://www.somehting.com
> only) but could not find any way. I tried to define port=80 in server.xml
> but tomcat threw exceptions. If you know a way, could you help ?
>
>
>
> Thanks in advance,
>
>
>
>
>
> Frank Nguyen
>
>
> --
> No virus found in this outgoing message.
> Checked by AVG Free Edition.
> Version: 7.5.441 / Virus Database: 268.18.1/691 - Release Date: 2/17/2007
> 5:06 PM
>
>
>
>
That's the way You should go:
http://www.linux.org.mt/article/tomcat-ports
We run several tomcat servers standalone with the combination of rinetd
and iptables.
Good luck
Stefan
--
Stefan Riegel
TELIG GmbH
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Get rid of 8080 port in Tomcat 3.3
Posted by David Smith <dn...@cornell.edu>.
I haven't tried it on such an old version of tomcat, but I would think
jsvc from the commons-daemon project would work here.
http://jakarta.apache.org/commons/daemon
It essentially allows you to start tomcat as a privileged user long
enough to grab the port and then drop back to a low privilege user for
general running.
--David
EDMOND KEMOKAI wrote:
> 80 is a privileged port on *nix systems, you'll need to run tomcat as
> root
> (generally not recommended). May I ask why you're still running tomcat
> circa
> version 3?
>
> On 2/21/07, Frank Nguyen <fr...@youcaddy.com> wrote:
>
>>
>> Hi,
>>
>>
>>
>> We're still running 3.3.1 – We'd like to get rid of specifying the port
>> 8080
>> in the http request like HYPERLINK
>> "http://www.something.com:8080/"http://www.something.com:8080 and
>> have it
>> default to 80 (HYPERLINK "http://www.somehting.com/"
>> http://www.somehting.com
>> only) but could not find any way. I tried to define port=80 in
>> server.xml
>> but tomcat threw exceptions. If you know a way, could you help ?
>>
>>
>>
>> Thanks in advance,
>>
>>
>>
>>
>>
>> Frank Nguyen
>>
>>
>> --
>> No virus found in this outgoing message.
>> Checked by AVG Free Edition.
>> Version: 7.5.441 / Virus Database: 268.18.1/691 - Release Date:
>> 2/17/2007
>> 5:06 PM
>>
>>
>>
>> --
>> No virus found in this outgoing message.
>> Checked by AVG Free Edition.
>> Version: 7.5.441 / Virus Database: 268.18.1/691 - Release Date:
>> 2/17/2007
>> 5:06 PM
>>
>>
>
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Get rid of 8080 port in Tomcat 3.3
Posted by EDMOND KEMOKAI <ek...@gmail.com>.
80 is a privileged port on *nix systems, you'll need to run tomcat as root
(generally not recommended). May I ask why you're still running tomcat circa
version 3?
On 2/21/07, Frank Nguyen <fr...@youcaddy.com> wrote:
>
> Hi,
>
>
>
> We're still running 3.3.1 – We'd like to get rid of specifying the port
> 8080
> in the http request like HYPERLINK
> "http://www.something.com:8080/"http://www.something.com:8080 and have it
> default to 80 (HYPERLINK "http://www.somehting.com/"
> http://www.somehting.com
> only) but could not find any way. I tried to define port=80 in server.xml
> but tomcat threw exceptions. If you know a way, could you help ?
>
>
>
> Thanks in advance,
>
>
>
>
>
> Frank Nguyen
>
>
> --
> No virus found in this outgoing message.
> Checked by AVG Free Edition.
> Version: 7.5.441 / Virus Database: 268.18.1/691 - Release Date: 2/17/2007
> 5:06 PM
>
>
>
> --
> No virus found in this outgoing message.
> Checked by AVG Free Edition.
> Version: 7.5.441 / Virus Database: 268.18.1/691 - Release Date: 2/17/2007
> 5:06 PM
>
>
--
"talk trash and carry a small stick."
PAUL KRUGMAN (NYT)