1 Reply Latest reply on May 14, 2008 9:57 AM by Patrick Mau

    Problem change default prot 8080 to 80 without root account

    z h Newbie

      I have installed jbossweb-1.0.1.GA,it works fine with root account.

      But I want it would work with other account.

      Then I edited in the jbossweb-1.0.1.GA/server/default/deploy/jbossweb.sar/server.xml


      Connector protocol="HTTP/1.1" port="8080" address="${jboss.bind.address}"
      redirectPort="8443" xpoweredBy="true"


      Connector protocol="HTTP/1.1" port="80" address="${jboss.bind.address}"
      redirectPort="8443" xpoweredBy="true"

      Now,I restart it with root account,it can works fine too.

      but when I change another account like jbossweb,it told me:

      [Http11AprProtocol] Error initializing endpoint
      java.lang.Exception: Socket bind failed: [13] Permission denied

      I can use the jbossweb account with default prot 8080,it would work.

      I means...

      root -> 8080 ok
      other account -> 8080 ok
      root -> 80 ok
      other account -> 80 failed This is which I needed...

      my history:

      #groupadd -g 600 jbossweb
      #useradd -u 601 -g jbossweb jbossweb
      #chown -R root.jbossweb /jbossweb-1.0.1.GA
      #chmod -R 775 /jbossweb-1.0.1.GA
      # su jbossweb -c "/jbossweb-1.0.1.GA/bin/run.sh"

      Linux kernel x86_64
      jdk1.5.0_14 x86_64
      jbossweb-1.0.1.GA x86_64

      Is there anybody have idea? Thank you very much!

        • 1. Re: Problem change default prot 8080 to 80 without root acco
          Patrick Mau Newbie

          It it not possible to bind to ports below 1024 if you are not root.

          Thee most common solution is to install an Apache HTTP server
          in front of jboss. It would proxy all requests to JBoss using HTTP Proxying
          or even AJP and load-balancing (implemented in '-dev' versions of Apache.

          Apache can be configured to run as any user, but you need to be
          able to start it as root.

          I would advice against running JBoss on port 80 directly, because
          you might want to implement fine-grained access control or error handling.

          (i.e. protect '/jmx-console', prevent tomcat error pages, etc.)