在 CentOS 5.5 版（最终版）上的端口 80 上启动 tomcat

发布于 2024-10-30 08:26:12 字数 3121 浏览 6 评论 0原文

我想在端口 80 上启动 Tomcat 6.0.29。我的操作系统是 CentOS 版本 5.5（最终版）我将 $TOMCAT_HOME/conf/server.xml 中的以下行更改

<Connector connectionTimeout="20000" port="8080" protocol="HTTP/1.1" redirectPort="8443"/>

为

<Connector connectionTimeout="20000" port="80" protocol="HTTP/1.1" redirectPort="8443"/>

然后运行命令：

sudo /etc/init.d/tomcat6 start

在文件 $TOMCAT_HOME/logs/catalina.log 中我发现了这样的异常：

java.net.BindException: Permission denied <null>:80
    at org.apache.tomcat.util.net.JIoEndpoint.init(JIoEndpoint.java:549)
    at org.apache.tomcat.util.net.JIoEndpoint.start(JIoEndpoint.java:565)
    at org.apache.coyote.http11.Http11Protocol.start(Http11Protocol.java:203)
    at org.apache.catalina.connector.Connector.start(Connector.java:1087)
    at org.apache.catalina.core.StandardService.start(StandardService.java:534)
    at org.apache.catalina.core.StandardServer.start(StandardServer.java:710)
    at org.apache.catalina.startup.Catalina.start(Catalina.java:581)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
    at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:289)
    at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:414)
Caused by: java.net.BindException: Permission denied
    at java.net.PlainSocketImpl.socketBind(Native Method)
    at java.net.PlainSocketImpl.bind(PlainSocketImpl.java:365)
    at java.net.ServerSocket.bind(ServerSocket.java:319)
    at java.net.ServerSocket.<init>(ServerSocket.java:185)
    at java.net.ServerSocket.<init>(ServerSocket.java:141)
    at org.apache.tomcat.util.net.DefaultServerSocketFactory.createSocket(DefaultServerSocketFactory.java:50)
    at org.apache.tomcat.util.net.JIoEndpoint.init(JIoEndpoint.java:538)
    ... 12 more
0:11:56 org.apache.catalina.startup.Catalina start
SEVERE: Catalina.start:
LifecycleException:  service.getName(): "Catalina";  Protocol handler start failed: `java.net.BindException: Permission denied <null>:80
    at org.apache.catalina.connector.Connector.start(Connector.java:1094)
    at org.apache.catalina.core.StandardService.start(StandardService.java:534)
    at org.apache.catalina.core.StandardServer.start(StandardServer.java:710)
    at org.apache.catalina.startup.Catalina.start(Catalina.java:581)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
    at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:289)
    at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:414)
0:11:56 org.apache.catalina.startup.Catalina start`

提前致谢

原文

I want to start Tomcat 6.0.29 on port 80.
My OS is CentOS release 5.5 (Final)
I changed following line in $TOMCAT_HOME/conf/server.xml

<Connector connectionTimeout="20000" port="8080" protocol="HTTP/1.1" redirectPort="8443"/>

<Connector connectionTimeout="20000" port="80" protocol="HTTP/1.1" redirectPort="8443"/>

Then I run command:

sudo /etc/init.d/tomcat6 start

In file $TOMCAT_HOME/logs/catalina.log I found such exceptions:

java.net.BindException: Permission denied <null>:80
    at org.apache.tomcat.util.net.JIoEndpoint.init(JIoEndpoint.java:549)
    at org.apache.tomcat.util.net.JIoEndpoint.start(JIoEndpoint.java:565)
    at org.apache.coyote.http11.Http11Protocol.start(Http11Protocol.java:203)
    at org.apache.catalina.connector.Connector.start(Connector.java:1087)
    at org.apache.catalina.core.StandardService.start(StandardService.java:534)
    at org.apache.catalina.core.StandardServer.start(StandardServer.java:710)
    at org.apache.catalina.startup.Catalina.start(Catalina.java:581)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
    at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:289)
    at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:414)
Caused by: java.net.BindException: Permission denied
    at java.net.PlainSocketImpl.socketBind(Native Method)
    at java.net.PlainSocketImpl.bind(PlainSocketImpl.java:365)
    at java.net.ServerSocket.bind(ServerSocket.java:319)
    at java.net.ServerSocket.<init>(ServerSocket.java:185)
    at java.net.ServerSocket.<init>(ServerSocket.java:141)
    at org.apache.tomcat.util.net.DefaultServerSocketFactory.createSocket(DefaultServerSocketFactory.java:50)
    at org.apache.tomcat.util.net.JIoEndpoint.init(JIoEndpoint.java:538)
    ... 12 more
0:11:56 org.apache.catalina.startup.Catalina start
SEVERE: Catalina.start:
LifecycleException:  service.getName(): "Catalina";  Protocol handler start failed: `java.net.BindException: Permission denied <null>:80
    at org.apache.catalina.connector.Connector.start(Connector.java:1094)
    at org.apache.catalina.core.StandardService.start(StandardService.java:534)
    at org.apache.catalina.core.StandardServer.start(StandardServer.java:710)
    at org.apache.catalina.startup.Catalina.start(Catalina.java:581)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
    at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:289)
    at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:414)
0:11:56 org.apache.catalina.startup.Catalina start`

Thanks in advance

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

残疾 2024-11-06 08:26:12

1-1023 范围内的端口具有特权。仅允许 root 绑定到它们。

至少有两种方法可以解决此问题：

以 root 身份运行。当然，您需要权衡由此带来的额外安全风险； Tomcat 本身的安全漏洞（我相信很少）以及您的 Web 应用程序包含的安全漏洞（例如，这可能导致人们读取 /etc/shadow 作为示例），而这又是简单直接的。 p>
使用 jsvc 作为服务运行。请参阅 http://tomcat.apache.org/tomcat-5.5-doc/setup。有关 jsvc 的详细信息，请参见 html。设置起来比较麻烦，但 root 只会参与设置端口，然后 Tomcat 将以没有特殊权限的用户身份运行。我建议对任何重要的设置使用此方法。

不管你选择哪种方式，Tomcat的实际启动都需要root权限。

///BR，JenEriC

回复收藏 0 原文

夜深人未静 2024-11-06 08:26:12

在 Tomcat 前面运行 Apache，并使用 mod_rewrite 将端口 80 (Apache) 上的所有请求连接到 AJP 端口 (8009) 上的 Tomcat。

yum install httpd
chkconfig httpd on
vi /etc/httpd/conf.d/proxy.conf

RewriteEngine On
RewriteRule ^/(.*)$ ajp://localhost:8009/$1 [P,QSA,L]

service httpd start

你完成了。

Run Apache in front of Tomcat and connect all requests on Port 80 (Apache) to Tomcat on the AJP port (8009) using mod_rewrite.

yum install httpd
chkconfig httpd on
vi /etc/httpd/conf.d/proxy.conf

RewriteEngine On
RewriteRule ^/(.*)$ ajp://localhost:8009/$1 [P,QSA,L]

service httpd start

You're done.

回复收藏 0 原文

時窥 2024-11-06 08:26:12

您可以将“/etc/default/tomcat6”的 AUTHBIND 属性更改为“yes”，如下所示

AUTHBIND=yes

重新启动 tomcat，这将使您能够使用可用的特权端口 (1-1023)。

You can change AUTHBIND property of "/etc/default/tomcat6" to "yes" as follows

AUTHBIND=yes

Restart your tomcat and that will enable you to use available privileged port (1-1023).

回复收藏 0 原文

何以畏孤独 2024-11-06 08:26:12

另一种选择是使用 authbind。

来自维基百科：

authbind 软件允许通常需要超级用户权限才能访问特权网络服务的程序作为非特权用户运行。

回复收藏 0 原文

幸福丶如此 2024-11-06 08:26:12

我使用nginx 2将80绑定到8080，这是tomcat绑定到的端口。

我的 nginx 配置是这样的：

{ server

listen 80;
   #which you can edit in /etc/hosts file.It can bind mydomain.com to 127.0.0.1
server_name mydomain.com; 
location / {
    proxy_redirect off;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_pass http://127.0.0.1:8080;
}
access_log logs/xxx456.tk_access.log;

}

i use nginx 2 bind 80 to 8080 which is the port that tomcat bind to.

my nginx configure is like this:

{ server

listen 80;
   #which you can edit in /etc/hosts file.It can bind mydomain.com to 127.0.0.1
server_name mydomain.com; 
location / {
    proxy_redirect off;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_pass http://127.0.0.1:8080;
}
access_log logs/xxx456.tk_access.log;

}

回复收藏 0 原文