On Thu, Sep 7, 2017 at 8:02 AM, James H. H. Lampert < jam...@touchtonecorp.com> wrote:
> A little over a month ago, I had a problem with getting Tomcat 7 to bind > to port 443 on Debian. > > We solved that problem with the "authbind" approach. > > Now, I'm attempting to do the same with Tomcat 8.5, and it's not working. > > 06-Sep-2017 23:47:46.293 SEVERE [main] org.apache.coyote.AbstractProtocol.init >> Failed to initialize end point associated with ProtocolHandler >> ["https-jsse-nio-443"] >> java.net.SocketException: Permission denied >> at sun.nio.ch.Net.bind0(Native Method) >> at sun.nio.ch.Net.bind(Net.java:463) >> at sun.nio.ch.Net.bind(Net.java:455) >> at sun.nio.ch.ServerSocketChannelImpl.bind(ServerSocketChannelI >> mpl.java:223) >> at sun.nio.ch.ServerSocketAdaptor.bind(ServerSocketAdaptor. >> java:74) >> at org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java >> :210) >> at org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEnd >> point.java:970) >> at org.apache.tomcat.util.net.AbstractJsseEndpoint.init(Abstrac >> tJsseEndpoint.java:244) >> at org.apache.coyote.AbstractProtocol.init(AbstractProtocol. >> java:613) >> at org.apache.coyote.http11.AbstractHttp11Protocol.init(Abstrac >> tHttp11Protocol.java:66) >> at org.apache.catalina.connector.Connector.initInternal(Connect >> or.java:968) >> at org.apache.catalina.util.LifecycleBase.init(LifecycleBase. >> java:107) >> at org.apache.catalina.core.StandardService.initInternal(Standa >> rdService.java:549) >> at org.apache.catalina.util.LifecycleBase.init(LifecycleBase. >> java:107) >> at org.apache.catalina.core.StandardServer.initInternal(Standar >> dServer.java:875) >> at org.apache.catalina.util.LifecycleBase.init(LifecycleBase. >> java:107) >> at org.apache.catalina.startup.Catalina.load(Catalina.java:607) >> at org.apache.catalina.startup.Catalina.load(Catalina.java:630) >> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAcce >> ssorImpl.java:57) >> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMe >> thodAccessorImpl.java:43) >> at java.lang.reflect.Method.invoke(Method.java:606) >> at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:311) >> at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:494) >> > You can not use port below 1024 if service is non root. You can use routing via iptables Another option is have a reverse proxy, e.g. nginx listening on 443 fronting your tomcat listening on a higher port. > > I think I did everything the same as before. I uncommented AUTHBIND in > /etc/default/tomcat8, and set it to "AUTHBIND=yes"; an > /etc/authbind/byuid/109 (the uid of the tomcat8 user) was generated with > contents > >> 0.0.0.0/0:1,1023 >> ::/0,1-1023 >> > > and yet still, I get the stack trace given above. > > -- > JHHL > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > > -- Guang <http://javadevnotes.com/java-float-to-string-examples/>
