You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Yue Yuanyuan <yu...@gmail.com> on 2010/06/30 21:06:23 UTC
One question about change port to 80
Hi,
I am setting a server on Amazon cloud. Cent OS 5.3 and tomcat 6.0.26.
Everything works fine. Then I want to change the port from 8080 to 80.
The server.xml file was modified to
<Connector port="80" protocol="HTTP/1.1"
nnector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
I restarted the server and got the error that permission denied. But I am
using root directly to do the operation. So the permission should not be a
problem.
Then I tried to change the port into 8888 or others. They all do not work.
Is there any other setting I should change? Thank you so much.
best regards,
gavin
Re: One question about change port to 80
Posted by André Warnier <aw...@ice-sa.com>.
Yue Yuanyuan wrote:
> It is running. I did iptables now it works fine. I also did test on my
> ubuntu. There is no problem. I just do not get it why I run the tomcat using
> ROOT, but still I do not have the privilege to bind 80 port.
>
Probably because you are /not/ running Tomcat as root.
You are running the script /etc/init.d/tomcatx.y as root.
But that script does not run Tomcat directly. It runs jsvc, which runs Tomcat as another
user (probably "tomcat", check with "ps -ef").
Examine the script /etc/init.d/tomcatx.y, to see what it does.
It is a good way to run Tomcat, so don't change it.
By the way, that script is not a part of the "official" Tomcat distribution from
http://tomcat.apache.org. It is a script created by the people who packaged Tomcat for
CentOS. So not many people here know what it really does.
>
> 2010/6/30 Pid <pi...@pidster.com>
>
>> On 30/06/2010 21:51, Yue Yuanyuan wrote:
>>> is it a good idea to use vhost like this :
>>> http://www.javathinking.com/2007/10/tomcat-with-apache2-virtual-hosts/
>>> Thank you.
>>> Best,
>>> Gavin
>> That's an article from 2007. Things have moved on since then.
>>
>> Unless you really need HTTPD for some reason - you'll know if you do -
>> Tomcat is perfectly adequate and serves static files just as fast as HTTPD.
>>
>> Instead of trying lots of different ways of installing Tomcat when you
>> run into a problem, let's try and resolve the particular issue you're
>> having.
>>
>>
>> If you've run Tomcat as root, and then run it as user 'tomcat' using
>> jsvc, you must remember to check all of the ownership permissions have
>> been changed on the tomcat installation to the 'tomcat' user.
>>
>> Was the server actually running?
>>
>> Did you check to see if Tomcat was actually listening on the port?
>>
>>
>> p
>>
>>
>>> 2010/6/30 Paweł Zuzelski <z...@xatka.net>
>>>
>>>> On Wed, 30 Jun 2010, Yue Yuanyuan wrote:
>>>>
>>>>> I think i figure out what is going on. I need to run tomcat using root.
>>>> But
>>>>> even I su to root and start tomcat using /etc/init.d/tomcat6 start. It
>>>>> stills runs under tomcat users.
>>>>> So how could I run it using root?
>>>> It is a bad idea. Just use iptables to redirect 80 to 8888.
>>>>
>>>> iptables -A PREROUTING -t nat -p tcp -dport 80 -j REDIRECT --to-ports
>> 8888
>>>> (not tested, see man iptables for details).
>>>>
>>>> It is the simplest and the most reliable way to run tomcat on port 80.
>>>>
>>>> --
>>>> Regards,
>>>> Paweł
>>>>
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>>>> For additional commands, e-mail: users-help@tomcat.apache.org
>>>>
>>>>
>>
>>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: One question about change port to 80
Posted by Yue Yuanyuan <yu...@gmail.com>.
It is running. I did iptables now it works fine. I also did test on my
ubuntu. There is no problem. I just do not get it why I run the tomcat using
ROOT, but still I do not have the privilege to bind 80 port.
2010/6/30 Pid <pi...@pidster.com>
> On 30/06/2010 21:51, Yue Yuanyuan wrote:
> > is it a good idea to use vhost like this :
> > http://www.javathinking.com/2007/10/tomcat-with-apache2-virtual-hosts/
> > Thank you.
> > Best,
> > Gavin
>
> That's an article from 2007. Things have moved on since then.
>
> Unless you really need HTTPD for some reason - you'll know if you do -
> Tomcat is perfectly adequate and serves static files just as fast as HTTPD.
>
> Instead of trying lots of different ways of installing Tomcat when you
> run into a problem, let's try and resolve the particular issue you're
> having.
>
>
> If you've run Tomcat as root, and then run it as user 'tomcat' using
> jsvc, you must remember to check all of the ownership permissions have
> been changed on the tomcat installation to the 'tomcat' user.
>
> Was the server actually running?
>
> Did you check to see if Tomcat was actually listening on the port?
>
>
> p
>
>
> > 2010/6/30 Paweł Zuzelski <z...@xatka.net>
> >
> >> On Wed, 30 Jun 2010, Yue Yuanyuan wrote:
> >>
> >>> I think i figure out what is going on. I need to run tomcat using root.
> >> But
> >>> even I su to root and start tomcat using /etc/init.d/tomcat6 start. It
> >>> stills runs under tomcat users.
> >>> So how could I run it using root?
> >>
> >> It is a bad idea. Just use iptables to redirect 80 to 8888.
> >>
> >> iptables -A PREROUTING -t nat -p tcp -dport 80 -j REDIRECT --to-ports
> 8888
> >>
> >> (not tested, see man iptables for details).
> >>
> >> It is the simplest and the most reliable way to run tomcat on port 80.
> >>
> >> --
> >> Regards,
> >> Paweł
> >>
> >> ---------------------------------------------------------------------
> >> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> >> For additional commands, e-mail: users-help@tomcat.apache.org
> >>
> >>
> >
>
>
>
Re: One question about change port to 80
Posted by Pid <pi...@pidster.com>.
On 30/06/2010 21:51, Yue Yuanyuan wrote:
> is it a good idea to use vhost like this :
> http://www.javathinking.com/2007/10/tomcat-with-apache2-virtual-hosts/
> Thank you.
> Best,
> Gavin
That's an article from 2007. Things have moved on since then.
Unless you really need HTTPD for some reason - you'll know if you do -
Tomcat is perfectly adequate and serves static files just as fast as HTTPD.
Instead of trying lots of different ways of installing Tomcat when you
run into a problem, let's try and resolve the particular issue you're
having.
If you've run Tomcat as root, and then run it as user 'tomcat' using
jsvc, you must remember to check all of the ownership permissions have
been changed on the tomcat installation to the 'tomcat' user.
Was the server actually running?
Did you check to see if Tomcat was actually listening on the port?
p
> 2010/6/30 Paweł Zuzelski <z...@xatka.net>
>
>> On Wed, 30 Jun 2010, Yue Yuanyuan wrote:
>>
>>> I think i figure out what is going on. I need to run tomcat using root.
>> But
>>> even I su to root and start tomcat using /etc/init.d/tomcat6 start. It
>>> stills runs under tomcat users.
>>> So how could I run it using root?
>>
>> It is a bad idea. Just use iptables to redirect 80 to 8888.
>>
>> iptables -A PREROUTING -t nat -p tcp -dport 80 -j REDIRECT --to-ports 8888
>>
>> (not tested, see man iptables for details).
>>
>> It is the simplest and the most reliable way to run tomcat on port 80.
>>
>> --
>> Regards,
>> Paweł
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> For additional commands, e-mail: users-help@tomcat.apache.org
>>
>>
>
Re: One question about change port to 80
Posted by Yue Yuanyuan <yu...@gmail.com>.
is it a good idea to use vhost like this :
http://www.javathinking.com/2007/10/tomcat-with-apache2-virtual-hosts/
Thank you.
Best,
Gavin
2010/6/30 Paweł Zuzelski <z...@xatka.net>
> On Wed, 30 Jun 2010, Yue Yuanyuan wrote:
>
> > I think i figure out what is going on. I need to run tomcat using root.
> But
> > even I su to root and start tomcat using /etc/init.d/tomcat6 start. It
> > stills runs under tomcat users.
> > So how could I run it using root?
>
> It is a bad idea. Just use iptables to redirect 80 to 8888.
>
> iptables -A PREROUTING -t nat -p tcp -dport 80 -j REDIRECT --to-ports 8888
>
> (not tested, see man iptables for details).
>
> It is the simplest and the most reliable way to run tomcat on port 80.
>
> --
> Regards,
> Paweł
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
Re: One question about change port to 80
Posted by Paweł Zuzelski <z...@xatka.net>.
On Wed, 30 Jun 2010, Yue Yuanyuan wrote:
> I think i figure out what is going on. I need to run tomcat using root. But
> even I su to root and start tomcat using /etc/init.d/tomcat6 start. It
> stills runs under tomcat users.
> So how could I run it using root?
It is a bad idea. Just use iptables to redirect 80 to 8888.
iptables -A PREROUTING -t nat -p tcp -dport 80 -j REDIRECT --to-ports 8888
(not tested, see man iptables for details).
It is the simplest and the most reliable way to run tomcat on port 80.
--
Regards,
Paweł
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: One question about change port to 80
Posted by Yue Yuanyuan <yu...@gmail.com>.
I think i figure out what is going on. I need to run tomcat using root. But
even I su to root and start tomcat using /etc/init.d/tomcat6 start. It
stills runs under tomcat users.
So how could I run it using root?
Thank you.
Best,
Gavin
On Wed, Jun 30, 2010 at 3:46 PM, Caldarale, Charles R <
Chuck.Caldarale@unisys.com> wrote:
> > From: Yue Yuanyuan [mailto:yue.yuanyuan@gmail.com]
> > Subject: Re: One question about change port to 80
> >
> > And I tried to install apache httpd on the server. It
> > could work on port 80 and there is no problem for apache.
>
> So have you tried using the non-root mechanisms for Tomcat as described in
> the link I gave you?
>
> > By the way, when I changed the port to 8888. I could see
> > that the tomcat is listening on 8888 but I cannot connect
> > to it.
>
> Since you're running on an Amazon VM, they might not have opened up that
> port on the underlying real server.
>
> - Chuck
>
>
> THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY
> MATERIAL and is thus for use only by the intended recipient. If you received
> this in error, please contact the sender and delete the e-mail and its
> attachments from all computers.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
RE: One question about change port to 80
Posted by "Caldarale, Charles R" <Ch...@unisys.com>.
> From: Yue Yuanyuan [mailto:yue.yuanyuan@gmail.com]
> Subject: Re: One question about change port to 80
>
> And I tried to install apache httpd on the server. It
> could work on port 80 and there is no problem for apache.
So have you tried using the non-root mechanisms for Tomcat as described in the link I gave you?
> By the way, when I changed the port to 8888. I could see
> that the tomcat is listening on 8888 but I cannot connect
> to it.
Since you're running on an Amazon VM, they might not have opened up that port on the underlying real server.
- Chuck
THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: One question about change port to 80
Posted by Yue Yuanyuan <yu...@gmail.com>.
Thank you. That is just the copy/paste mistake.
Even the file is right:
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
It still does not work. I tried iptables -F. It still does not work.
And I tried to install apache httpd on the server. It could work on port 80
and there is no problem for apache.
By the way, when I changed the port to 8888. I could see that the tomcat is
listening on 8888 but I cannot connect to it. Only 8080 works.
Thank you for the helps.
best,
gavin
On Wed, Jun 30, 2010 at 3:31 PM, Caldarale, Charles R <
Chuck.Caldarale@unisys.com> wrote:
> > From: Yue Yuanyuan [mailto:yue.yuanyuan@gmail.com]
> > Subject: One question about change port to 80
> >
> > The server.xml file was modified to
> > <Connector port="80" protocol="HTTP/1.1"
> > nnector port="8080" protocol="HTTP/1.1"
> > connectionTimeout="20000"
> > redirectPort="8443" />
>
> Well, that 'nnector port="8080"' you've got in there doesn't look
> particularly attractive...
>
> > But I am using root directly to do the operation.
>
> Which you really, really shouldn't be doing.
>
> http://wiki.apache.org/tomcat/HowTo#How_to_run_Tomcat_without_root_privileges.3F
>
> > Then I tried to change the port into 8888 or others.
> > They all do not work.
>
> Fix your editing of the <Connector> element, then check the firewall and
> iptables settings.
>
> - Chuck
>
>
> THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY
> MATERIAL and is thus for use only by the intended recipient. If you received
> this in error, please contact the sender and delete the e-mail and its
> attachments from all computers.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
RE: One question about change port to 80
Posted by "Caldarale, Charles R" <Ch...@unisys.com>.
> From: Yue Yuanyuan [mailto:yue.yuanyuan@gmail.com]
> Subject: One question about change port to 80
>
> The server.xml file was modified to
> <Connector port="80" protocol="HTTP/1.1"
> nnector port="8080" protocol="HTTP/1.1"
> connectionTimeout="20000"
> redirectPort="8443" />
Well, that 'nnector port="8080"' you've got in there doesn't look particularly attractive...
> But I am using root directly to do the operation.
Which you really, really shouldn't be doing.
http://wiki.apache.org/tomcat/HowTo#How_to_run_Tomcat_without_root_privileges.3F
> Then I tried to change the port into 8888 or others.
> They all do not work.
Fix your editing of the <Connector> element, then check the firewall and iptables settings.
- Chuck
THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org