Posted By:
michael_dean
Posted On:
Thursday, February 13, 2003 08:14 AM
Sounds like the old "must-be-superuser-to-bind-to-a-port-under-1024" problem. :)
Check the log file catalina.out for an error such as:
Feb 13, 2003 10:57:06 AM org.apache.coyote.http11.Http11Protocol init
SEVERE: Error initializing endpoint
java.net.BindException: Permission denied:80
... (many lines of stack trace) ...
Catalina.start: LifecycleException:
Protocol handler initialization failed:
java.net.BindException: Permission denied:80
... (many lines of stack trace) ...
Catalina.stop: LifecycleException: This server has not yet been started
LifecycleException: This server has not yet been started
Only the superuser (root) has permission to bind to a port with a number less than 1024. Therefore, starting Tomcat as root will work, but, to the best of my knowledge, it is impossible to start Tomcat as root (allowing it to bind to port 80) and subsequently "drop privileges." That means that your web server will run as root, which can open up a slew of security problems.
If you want a webserver on port 80 and the ability to run servlets/JSP, I highly recommend running Apache HTTPD on port 80 (it does allow you to drop privileges) and have it connect to a Tomcat instance listening on some other port (i.e. 8080) for servlets/JSP.
