Hi Johnny,
Using iptables works as you say but I always used to use jsvc which is a
program supplied with tomcat that you have to compile and install first.
However, all that nonsense has been cleared away in Tomcat6 and 7
running under Debian and Ubuntu distributions which recommend you change
the 'authbind' setting in /etc/default/tomcat6 [or tomcat7]. A good
description can be found by Jason B [1].
Hope that helps.
David Legg
[1] http://blogs.mulesoft.org/a-better-tomcat-for-ubuntu-and-debian/
On 17/01/13 22:11, Johnny Minty wrote:
Hi Guys,
In a previous thread I was talking about creating a web app for Apache James.
Along this same train of thinking In development I have successfully got James
to deploy under Jetty using the App package and changing the reference to the
spring-server.xml in the web.xml file.
The big problem I see with this approach is the age old issue of port binding.
When running the web app and James as a non root user you cannot bind to ports
1-1024. Common solutions to this is using iptables to redirect the ports,
running tomcat/jetty as root etc.
I was wondering if you have any better suggestions to minimize the security
implications of running this set-up. In production I will be using tomcat and
centos6 I know this isn't largely focus around a JAMES specific issue however
for users wanting to run the same set-up I think this discussion will be worth
while.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
