0

I've recent un-installed apache2 so I could run Tomcat6 on port 80 directly. I've been pulling my hair out trying to get this set up correctly.

I've read this post regarding setting up tomcat to use authbind. I tried that method, and instead of getting stacktrace errors in catalina.out, I just get a [fail] response on startup, with no output to the logs.

I tried binding tomcat directly to my server's IP address, and then editing /etc/authbind/byuid/ to include that IP address as suggested by enter link description here, but again, the [fail] response on startup with no logging.

The only way I could successfully get tomcat to start on port 80 was to run it as root, which I do not want to do.

What is the correct configuration to run tomcat6 on port 80 using authbind?

aasukisuki
  • 113
  • 1
  • 5

3 Answers3

1

If I run any java server that needs to serve up some web pages I generally do so using mod_proxy and have apache do the serving. Then my linux server becomes more multipurpose, as port 80 is controlled by a more language accepting application server.

Generally I run with apache/mod_proxy serving on 80 proxying to 8800(or some high port) for the java site, jboss running on 8800 and iptables configured to deny external requests to 8800.

AndrewPK
  • 303
  • 1
  • 7
  • same here, we proxy a few subdomains to Atlassian products (they run in tomcat containers). It's nice to also be able to host a few other sites on the box by using NameBased Virtual Hosts in apache – iainlbc Apr 13 '11 at 04:24
  • Definitely. I love multipurpose. This is almost a requirement when setting up machines for development anyhow - though even in prod I keep them the same (even if they're the only thing living on the server). – AndrewPK Apr 13 '11 at 04:29
  • I was doing this using mod_jk (not mod_proxy). However, I'm worried about our use of comet for pushing data and the way apache2 creates a new thread for every connection. I've read multiple places that using comet + apache will end up causing alot of issues. – aasukisuki Apr 13 '11 at 17:17
  • aasukusuki: I end up running apache as mpm_worker because of that reason. – AndrewPK Apr 15 '11 at 03:14
0

Are you sure your config is working at all? If it's failing to bind, then it should still start up, just missing certain listeners. Try setting your listener back to 0.0.0.0:8080 and see if it's still starting up.

Once you're that far, try this:

  • Change your listener to port 80 (setting it to a specific address won't help, so leaving it on 0.0.0.0 is fine).

  • Modify /etc/default/tomcat6 to enable authbind.

Run the following:

sudo apt-get install authbind
sudo touch /etc/authbind/byport/80
sudo chown tomcat6:tomcat6 /etc/authbind/byport/80
Shane Madden
  • 112,982
  • 12
  • 174
  • 248
0

If you're already running a firewall on your host (by binding to 80 I'm assuming you are) you might try rerouting your traffic from 80 to 8080 by using iptables:

sudo /sbin/iptables -t nat -I PREROUTING -p tcp –dport 80 -j REDIRECT –to-port 8080

Raymond Kroeker
  • 101
  • 1