This looks like a continuation of this thread from 11 days ago: https://www.mail-archive.com/users@tomcat.apache.org/msg128541.html
On Tue, Mar 13, 2018 at 2:16 PM, Cheltenham, Chris <ccheltenham-...@philasd.org> wrote: > Chris, > > I see JSVC will allow a non root user to bund to 443 > Somehow I have to get these libraries into TOMCAT? > > Correct? > > > =========================== > > Thank You; > > Chris Cheltenham > Technology Services > The School District of Philadelphia > > Work # 215-400-5025 > Cell # 215-301-6571 > > > -----Original Message----- > From: Christopher Schultz [mailto:ch...@christopherschultz.net] > Sent: Tuesday, March 13, 2018 2:03 PM > To: Tomcat Users List <users@tomcat.apache.org> > Subject: Re: Binding a non root user to port 443 > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > Chris, > > On 3/13/18 1:26 PM, Cheltenham, Chris wrote: >> Is there a way to redirect ports 80 and 443 to 8443. >> >> I have a non root user but I cannot use CentOS firewalld nor iptables. > > How about authbind? > >> I have tried these things. >> >> <Connectorport="443"protocol="HTTP/1.1" enableLookups="false" >> redirectPort="8443"/> > > The redirectPort here is useless (it's for redirecting non-secure traffic to > a secure port). Here, you are already secure (and redirecting to 8443 won't > go anywhere. Just remove the attribute. > >> But it still fails. > > This will fail on most *NIXs because non-root can't bind to ports below > 1024. > > Are you able to run jsvc? It will allow you to bind to ports and then drop > privileges. > > - -chris > -----BEGIN PGP SIGNATURE----- > Comment: GPGTools - http://gpgtools.org > Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ > > iQJRBAEBCAA7FiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlqoEk4dHGNocmlzQGNo > cmlzdG9waGVyc2NodWx0ei5uZXQACgkQHPApP6U8pFie3Q/9EQNO8FUrJOT1RvK1 > L1/kh37xsg6P0QwQJmPf2FT1jyw1485BHU6v1WlOAj65RskoRj0YDgCXb4EKlKqm > Tla1205+El0ZjIKzKVUnipqmmIDcGgaHq+T1BV4L3KSKHa4t4Kf1c42xkuXA0XkJ > bV2kCbZU29Utz82hNZmOK86X2RwveoNipPMDjJQFhm/inikE8tYhhl4qsoTPnpEW > FQMB3+KkPvtdju2B9vW2mv85z6kBlDA3A4DfhOsnjJ0mBkcICGogRJ8Y1qMAfnGm > z+4vH9Lf83Qdr3XNW/il4Viv5DjM9KpO5oZZuSSGdax0wMyqgY/dgEVPc0NSRkAj > z+uhAXSjx03DGCmSpcO8txRT3f/uLiRRz5RxH9s4U1eLbXXdqhpZaum4x0uLhzC5 > t3+GKGCtE5pqvLg6lyikKHF8SQjS1EGL1Za3Nsqi0Yy09I8QHoHuTRP1MyobGB7p > h191divVIstWkpcAtO4rkTw5dWepGGFUBmxrJQ60zMMOgYlXTYWpbQAqjKmQcNd/ > cQpMhSbKBEFOYjEvlF4d7afAsF/6ir3/Ye2oLzmdADvzgMBZzRkSnlVZc7X4m60C > d8c9S6NIwVhZuio2ydZ1wHQ73bXoxyt+wO6+3AiE0ixYH/9IC8hbYQwOCSjXm6ti > 05E7jxsIcHs2su73QTyy0rUIkdQ= > =XLrN > -----END PGP SIGNATURE----- > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
