singh@xxxxxxxxxxxxxxxxxxx wrote:
This is one thing i have heard from many what's the big deal in opening port 80 of app servers? any pointers
There is no big deal having Tomcat answer directly on port 80.This topic then would be better posted on the Tomcat users mailing list, but in a nutshell :
To be able to open listening server ports < 1024, a process needs to run as root. Port 80 is < 1024.
Apache always starts as user root, opens a listening port 80, then switches to another user-id with lesser permissions to answer requests.
Tomcat does not do that by itself. To start it listening on port 80, you have to run it as root, and then it continues to run as root, which is a bit less comfortable in terms of security. But, you can use a wrapper (named jsvc), to achieve the same thing as Apache. This is already how Tomcat is started by default on some platforms (Linux Debian and Ubuntu e.g.), but it is available for all.
--------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx